CVSS: 7.1EPSS: 0%CPEs: 157EXPL: 0CVE-2006-2071
https://notcve.org/view.php?id=CVE-2006-2071
27 Apr 2006 — Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bugs. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6 •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 2CVE-2006-1863 – Linux Kernel 2.6.x - CIFS CHRoot Security Restriction Bypass
https://notcve.org/view.php?id=CVE-2006-1863
25 Apr 2006 — Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences, a similar vulnerability to CVE-2006-1864. • https://www.exploit-db.com/exploits/27769 •
CVSS: 6.2EPSS: 0%CPEs: 143EXPL: 0CVE-2006-1056
https://notcve.org/view.php?id=CVE-2006-1056
20 Apr 2006 — The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsiste... • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:14.fpu.asc • CWE-310: Cryptographic Issues •
CVSS: 10.0EPSS: 6%CPEs: 1EXPL: 0CVE-2006-1368
https://notcve.org/view.php?id=CVE-2006-1368
23 Mar 2006 — Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (kmalloc'd memory corruption) via a remote NDIS response to OID_GEN_SUPPORTED_LIST, which causes memory to be allocated for the reply data but not the reply structure. • http://secunia.com/advisories/19330 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2006-1343
https://notcve.org/view.php?id=CVE-2006-1343
21 Mar 2006 — net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGINAL_DST, which allows local users to obtain portions of potentially sensitive memory. net/ipv4/netfilter/ip_conntrack_core.c en el kernel de Linux 2.4 y 2.6 y posiblemente net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c en 2.6, no aclara sockaddr_in.sin_zero antes... • http://marc.info/?l=linux-netdev&m=114148078223594&w=2 •
CVSS: 7.5EPSS: 2%CPEs: 156EXPL: 0CVE-2006-1242
https://notcve.org/view.php?id=CVE-2006-1242
15 Mar 2006 — The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which bypasses intended protections against such attacks. • http://secunia.com/advisories/19402 •
CVSS: 9.8EPSS: 0%CPEs: 124EXPL: 0CVE-2006-0557
https://notcve.org/view.php?id=CVE-2006-0557
12 Mar 2006 — sys_mbind in mempolicy.c in Linux kernel 2.6.16 and earlier does not sanity check the maxnod variable before making certain computations for the get_nodes function, which has unknown impact and attack vectors. • http://lkml.org/lkml/2006/2/27/355 •
CVSS: 7.8EPSS: 0%CPEs: 114EXPL: 0CVE-2006-0096
https://notcve.org/view.php?id=CVE-2006-0096
06 Jan 2006 — wan/sdla.c in Linux kernel 2.6.x before 2.6.11 and 2.4.x before 2.4.29 does not require the CAP_SYS_RAWIO privilege for an SDLA firmware upgrade, with unknown impact and local attack vectors. NOTE: further investigation suggests that this issue requires root privileges to exploit, since it is protected by CAP_NET_ADMIN; thus it might not be a vulnerability, although capabilities provide finer distinctions between privilege levels. • http://linux.bkbits.net:8080/linux-2.4/cset%401.1448.91.23?nav=index.html%7Csrc/%7Csrc/drivers%7Csrc/drivers/net%7Csrc/drivers/net/wan%7Crelated/drivers/net/wan/sdla.c •
CVSS: 5.5EPSS: 0%CPEs: 60EXPL: 0CVE-2005-0489
https://notcve.org/view.php?id=CVE-2005-0489
31 Dec 2005 — The /proc handling (proc/base.c) Linux kernel 2.4 before 2.4.17 allows local users to cause a denial of service via unknown vectors that cause an invalid access of free memory. • http://kernel.debian.net/debian/pool/main/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody4_ia64.changes •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 2CVE-2005-4351
https://notcve.org/view.php?id=CVE-2005-4351
31 Dec 2005 — The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running. • http://archives.neohapsis.com/archives/openbsd/2005-10/1523.html •