CVSS: 5.5EPSS: 11%CPEs: 43EXPL: 0CVE-2006-1055
https://notcve.org/view.php?id=CVE-2006-1055
05 Apr 2006 — The fill_write_buffer function in sysfs/file.c in Linux kernel 2.6.12 up to versions before 2.6.17-rc1 does not zero terminate a buffer when a length of PAGE_SIZE or more is requested, which might allow local users to cause a denial of service (crash) by causing an out-of-bounds read. • http://lwn.net/Alerts/180820 •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2006-1624
https://notcve.org/view.php?id=CVE-2006-1624
05 Apr 2006 — The default configuration of syslogd in the Linux sysklogd package does not enable the -x (disable name lookups) option, which allows remote attackers to cause a denial of service (traffic amplification) via messages with spoofed source IP addresses. • http://www.securityfocus.com/archive/1/429618/100/0/threaded •
CVSS: 5.5EPSS: 0%CPEs: 74EXPL: 0CVE-2006-1066
https://notcve.org/view.php?id=CVE-2006-1066
27 Mar 2006 — Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows local users to cause a denial of service (oops) via multiple ptrace tasks that perform single steps, which can cause corruption of the DEBUG_STACK stack during the do_debug function call. El kernel de Linux 2.6.16-rc2 y versiones anteriores cuando se ejecutan sistemas x86_64 con prioridad activada, permite a usuarios locales provocar una denegación de servicio (oops) a través de múltiples tareas ptrace que re... • http://marc.info/?l=linux-kernel&m=113932292516359&w=2 •
CVSS: 10.0EPSS: 11%CPEs: 1EXPL: 0CVE-2006-1368
https://notcve.org/view.php?id=CVE-2006-1368
23 Mar 2006 — Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (kmalloc'd memory corruption) via a remote NDIS response to OID_GEN_SUPPORTED_LIST, which causes memory to be allocated for the reply data but not the reply structure. • http://secunia.com/advisories/19330 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 0%CPEs: 79EXPL: 0CVE-2006-0038
https://notcve.org/view.php?id=CVE-2006-0038
22 Mar 2006 — Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function. • http://secunia.com/advisories/19330 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2006-1343
https://notcve.org/view.php?id=CVE-2006-1343
21 Mar 2006 — net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGINAL_DST, which allows local users to obtain portions of potentially sensitive memory. net/ipv4/netfilter/ip_conntrack_core.c en el kernel de Linux 2.4 y 2.6 y posiblemente net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c en 2.6, no aclara sockaddr_in.sin_zero antes... • http://marc.info/?l=linux-netdev&m=114148078223594&w=2 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2006-1342 – Linux Kernel 2.4.x/2.5.x/2.6.x - 'Sockaddr_In.Sin_Zero' Kernel Memory Disclosure
https://notcve.org/view.php?id=CVE-2006-1342
21 Mar 2006 — net/ipv4/af_inet.c in Linux kernel 2.4 does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the (1) getsockname, (2) getpeername, and (3) accept functions, which allows local users to obtain portions of potentially sensitive memory. net/ipv4/af_inet.c en el kernel de Linux 2.4 no aclara sockaddr_in.sin_zero antes de devolver los nombres de socket IPv4 de las funciones (1) getsockname, (2) getpeername y (3) accept, lo que permite a usuarios locales obtener porciones de memoria potencia... • https://www.exploit-db.com/exploits/27461 •
CVSS: 7.5EPSS: 3%CPEs: 156EXPL: 0CVE-2006-1242
https://notcve.org/view.php?id=CVE-2006-1242
15 Mar 2006 — The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which bypasses intended protections against such attacks. • http://secunia.com/advisories/19402 •
CVSS: 7.1EPSS: 0%CPEs: 89EXPL: 0CVE-2006-0457
https://notcve.org/view.php?id=CVE-2006-0457
14 Mar 2006 — Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x allows local users to cause a denial of service (crash) or read sensitive kernel memory by modifying the length of a string argument between the time that the kernel calculates the length and when it copies the data into kernel memory. • http://secunia.com/advisories/19220 •
CVSS: 9.8EPSS: 0%CPEs: 124EXPL: 0CVE-2006-0557
https://notcve.org/view.php?id=CVE-2006-0557
12 Mar 2006 — sys_mbind in mempolicy.c in Linux kernel 2.6.16 and earlier does not sanity check the maxnod variable before making certain computations for the get_nodes function, which has unknown impact and attack vectors. • http://lkml.org/lkml/2006/2/27/355 •