CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-2480
https://notcve.org/view.php?id=CVE-2007-2480
03 May 2007 — The _udp_lib_get_port function in net/ipv4/udp.c in Linux kernel 2.6.21 and earlier does not prevent a bind to a port with a local address when there is already a bind to that port with a wildcard local address, which might allow local users to intercept local traffic for daemons or other applications. La función _udp_lib_get_port de _udp_lib_get_port en Linux kernel 2.6.21 y versiones anteriores no previene una asociación a un puerto con una dirección local cuando ya existe una asociación a ese puerto con ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=de34ed91c4ffa4727964a832c46e624dd1495cf5 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2007-1353 – Bluetooth setsockopt() information leaks
https://notcve.org/view.php?id=CVE-2007-1353
24 Apr 2007 — The setsockopt function in the L2CAP and HCI Bluetooth support in the Linux kernel before 2.4.34.3 allows context-dependent attackers to read kernel memory and obtain sensitive information via unspecified vectors involving the copy_from_user function accessing an uninitialized stack buffer. La función setsockopt en el soporte Bluetooth L2CAP y HCI en el núcleo de Linux anterior a 2.4.34.3 permite a atacantes remotos dependientes de contexto leer la memoria del núcleo y obtener información sensible mediante ... • http://rhn.redhat.com/errata/RHSA-2007-0488.html •
CVSS: 9.8EPSS: 0%CPEs: 19EXPL: 0CVE-2007-2172 – fib_semantics.c out of bounds access vulnerability
https://notcve.org/view.php?id=CVE-2007-2172
22 Apr 2007 — A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, IPv4) functions. Un error tipográfico en el Kernel de Linux versión 2.6 anterior a 2.6.21-rc6 y versión 2.4 anterior a 2.4.35 hace que RTA_MAX se utilice como un tamaño de matriz en lugar de RTN_MAX, lo que conlleva a un "out of bound access" mediante las funcion... • http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.21-rc6 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 18%CPEs: 1EXPL: 1CVE-2007-1357 – Linux Kernel 2.6.x - AppleTalk ATalk_Sum_SKB Function Denial of Service
https://notcve.org/view.php?id=CVE-2007-1357
11 Apr 2007 — The atalk_sum_skb function in AppleTalk for Linux kernel 2.6.x before 2.6.21, and possibly 2.4.x, allows remote attackers to cause a denial of service (crash) via an AppleTalk frame that is shorter than the specified length, which triggers a BUG_ON call when an attempt is made to perform a checksum. La función atalk_sum_skb en AppleTalk para Linux kernel 2.6.x anterior a 2.6.21, y posiblemente 2.4.x, permite a atacantes remotos provocar denegación de servicio (caida) a través de la ventana AppleTalk que es ... • https://www.exploit-db.com/exploits/29826 •
CVSS: 5.5EPSS: 0%CPEs: 238EXPL: 0CVE-2007-1592 – IPv6 oops triggerable by any user
https://notcve.org/view.php?id=CVE-2007-1592
22 Mar 2007 — net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket. El archivo net/ipv6/tcp_ipv6.c en el kernel de Linux versiones 2.6.x hasta 2.6.21-rc3, copia inadvertidamente el ipv6_fl_socklist desde un socket TCP de escucha hacia sockets de un proceso hijo, lo ... • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=233478 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2007-1496 – Various NULL pointer dereferences in netfilter code
https://notcve.org/view.php?id=CVE-2007-1496
16 Mar 2007 — nfnetlink_log in netfilter in the Linux kernel before 2.6.20.3 allows attackers to cause a denial of service (crash) via unspecified vectors involving the (1) nfulnl_recv_config function, (2) using "multiple packets per netlink message", and (3) bridged packets, which trigger a NULL pointer dereference. nfnetlink_log en netfilter de the Linux kernel versiones anteriores a 2.6.20.3 permite a atacantes provocar una denegación de servicio (caída) mediante vectores sin especificar involucrando (1) la función nf... • http://secunia.com/advisories/24492 •
CVSS: 9.8EPSS: 10%CPEs: 1EXPL: 0CVE-2007-1497 – IPv6 fragments bypass in nf_conntrack netfilter code
https://notcve.org/view.php?id=CVE-2007-1497
16 Mar 2007 — nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments. nf_conntrack en netfilter en el kernel de Linux anterior a 2.6.20.3 no fija nfctinfo durante el nuevo re-ensamble de paquetes fragmentados, lo cual deja el valor por defecto como IP_CT_ESTABLISHED y permitiría a atacantes remotos evitar ciertas reglas d... • http://secunia.com/advisories/24492 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 2CVE-2007-1000 – Linux Kernel < 2.6.20.2 - 'IPv6_Getsockopt_Sticky' Memory Leak
https://notcve.org/view.php?id=CVE-2007-1000
12 Mar 2007 — The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference. La función ipv6_getsockopt_sticky en net/ipv6/ipv6_sockglue.c en el núcleo de Linux anterior a 2.6.20.2 permite a usuarios locales leer memoria del núcleo de su elección mediante determinadas llamadas getsockopt que disparan una referencia a NULL. • https://www.exploit-db.com/exploits/4172 •
CVSS: 5.5EPSS: 0%CPEs: 141EXPL: 1CVE-2007-1388 – Linux Kernel 2.6.x - IPv6_SockGlue.c Null Pointer Dereference Denial of Service
https://notcve.org/view.php?id=CVE-2007-1388
10 Mar 2007 — The do_ipv6_setsockopt function in net/ipv6/ipv6_sockglue.c in Linux kernel before 2.6.20, and possibly other versions, allows local users to cause a denial of service (oops) by calling setsockopt with the IPV6_RTHDR option name and possibly a zero option length or invalid option value, which triggers a NULL pointer dereference. La función do_ipv6_setsockopt en el archivo net/ipv6/ipv6_sockglue.c en el kernel de Linux versiones anteriores a 2.6.20, y posiblemente otras versiones, permite a usuarios locales ... • https://www.exploit-db.com/exploits/29781 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 1CVE-2007-0005 – Linux Omnikey Cardman 4040 Driver - Local Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2007-0005
10 Mar 2007 — Multiple buffer overflows in the (1) read and (2) write handlers in the Omnikey CardMan 4040 driver in the Linux kernel before 2.6.21-rc3 allow local users to gain privileges. Múltiples desbordamientos de búfer en los manejadores de (1) lectura y (2) escritura en el controlador Omnikey CardMan 4040 en el kernel de Linux versiones anteriores a 2.6.21-rc3, permite a usuarios locales alcanzar privilegios. • https://www.exploit-db.com/exploits/3441 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •