CVSS: 7.5EPSS: 0%CPEs: 182EXPL: 0CVE-2012-4542 – kernel: block: default SCSI command filter does not accomodate commands overlap across device classes
https://notcve.org/view.php?id=CVE-2012-4542
28 Feb 2013 — block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SG_IO ioctl call that leverages overlapping opcodes. block / scsi_ioctl.c en el kernel de Linux a través de v3,8 no tiene debidamente en cuenta la clase de dispositivo SCSI durante la autorización de los comandos SCSI, lo que permite a usuarios locales eludir restricciones de acceso destinados a travé... • http://marc.info/?l=linux-kernel&m=135903967015813&w=2 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 8CVE-2013-1763 – Linux Kernel 3.3 < 3.8 (Ubuntu / Fedora 18) - 'sock_diag_handlers()' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2013-1763
28 Feb 2013 — Array index error in the __sock_diag_rcv_msg function in net/core/sock_diag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message. Errores de indice en array en la función __ sock_diag_rcv_msg en net / core / sock_diag.c en el kernel Linux v3.7.10 antes permite a usuarios locales obtener privilegios a través de un valor familia grande en un mensaje Netlink. Multiple vulnerabilities has been found and corrected in the Linux kernel. The updated... • https://www.exploit-db.com/exploits/33336 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 2%CPEs: 182EXPL: 0CVE-2013-0343 – kernel: handling of IPv6 temporary addresses
https://notcve.org/view.php?id=CVE-2013-0343
28 Feb 2013 — The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.8 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information, via ICMPv6 Router Advertisement (RA) messages. La función ipv6_create_tempaddr en net/ipv6/addrconf.c en el kernel de Linux hasta la v3.8 no maneja adecuadamente los problemas con la ... • http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html •
CVSS: 5.5EPSS: 0%CPEs: 172EXPL: 2CVE-2012-5375 – Linux Kernel 3.3.5 - Btrfs CRC32C feature Infinite Loop Local Denial of Service
https://notcve.org/view.php?id=CVE-2012-5375
18 Feb 2013 — The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service (prevention of file creation) by leveraging the ability to write to a directory important to the victim, and creating a file with a crafted name that is associated with a specific CRC32C hash value. La característica CRC32C en la aplicación Btrfs en el kernel Linux 3.8-rc1 antes permite a usuarios locales provocar una denegación de servicio (prevención de la creación de archivos)... • https://www.exploit-db.com/exploits/38132 • CWE-310: Cryptographic Issues •
CVSS: 7.1EPSS: 0%CPEs: 11EXPL: 0CVE-2013-0231 – kernel: xen: pciback DoS via not rate limited log messages
https://notcve.org/view.php?id=CVE-2013-0231
13 Feb 2013 — The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third party information. La función pciback_enable_msi en el controlador PCI backend (drivers/xen/pciback/conf_space_capability_msi.c) en Xen para Linux kernel v2.6.18 y v3.8, permite que los usuari... • http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2001-0886
https://notcve.org/view.php?id=CVE-2001-0886
21 Dec 2001 — Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character. Desbordamiento de buffer en la función glob de glibc para Red Hat Linux 6.2 a 7.2, y otros sistemas operativos, permite a atacantes causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrarios mediante un patrón de glob que acaba en una llave "{" • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000447 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1335
https://notcve.org/view.php?id=CVE-1999-1335
31 Dec 1999 — snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information. • http://www.redhat.com/support/errata/rh40-errata-general.html#cmu-snmp •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-1999-1333
https://notcve.org/view.php?id=CVE-1999-1333
31 Dec 1999 — automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded. • http://marc.info/?l=bugtraq&m=89042322924057&w=2 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1332
https://notcve.org/view.php?id=CVE-1999-1332
31 Dec 1999 — gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file. • http://marc.info/?l=bugtraq&m=88603844115233&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1329
https://notcve.org/view.php?id=CVE-1999-1329
31 Dec 1999 — Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges. • http://www.iss.net/security_center/static/7250.php •