CVSS: 4.9EPSS: 0%CPEs: 5EXPL: 1CVE-2008-3534 – kernel: tmpfs: fix kernel BUG in shmem_delete_inode
https://notcve.org/view.php?id=CVE-2008-3534
The shmem_delete_inode function in mm/shmem.c in the tmpfs implementation in the Linux kernel before 2.6.26.1 allows local users to cause a denial of service (system crash) via a certain sequence of file create, remove, and overwrite operations, as demonstrated by the insserv program, related to allocation of "useless pages" and improper maintenance of the i_blocks count. La función shmem_delete_inode de mm/shmem.c en la implementación the tmpfs de Linux kernel versiones anteriores a 2.6.26.1 permite a usuarios locales provocar una denegación de servicio (caída del sistema) a través de una determinada secuencia de operaciones de ficheros de crear, eliminar y sobrescribir, como lo demostrador por el programa insserv, relacionado con la asignación de "páginas sin uso" y mantenimiento inadecuado de la cuenta i_blocks. • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git%3Ba=commit%3Bh=14fcc23fdc78e9d32372553ccf21758a9bd56fa1 http://lkml.org/lkml/2008/7/26/71 http://secunia.com/advisories/31881 http://secunia.com/advisories/32190 http://secunia.com/advisories/32393 http://www.debian.org/security/2008/dsa-1636 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.1 http://www.redhat.com/support/errata/RHSA-2008-0857.html http://www.securityfocus.com/bid&#x • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.9EPSS: 0%CPEs: 7EXPL: 1CVE-2008-3535 – kernel: fix off-by-one error in iov_iter_advance()
https://notcve.org/view.php?id=CVE-2008-3535
Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by testcases/kernel/fs/ftest/ftest03 from the Linux Test Project. Error de superación del límite en la función iov_iter_advance de mm/filemap.c en Linux kernel versiones anteriores a 2.6.27-rc2 permite a usuarios locales provocar una denegación de servicio (caída del sistema) a través de una determinada secuencia de operaciones en ficheros de I/O con readv y writev, como lo demostrado por testcases/kernel/fs/ftest/ftest03 de Linux Test Project. • http://mirror.celinuxforum.org/gitstat/commit-detail.php?commit=94ad374a0751f40d25e22e036c37f7263569d24c http://secunia.com/advisories/31881 http://secunia.com/advisories/32190 http://secunia.com/advisories/32393 http://www.debian.org/security/2008/dsa-1636 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.27-rc2 http://www.lkml.org/lkml/2008/7/30/446 http://www.redhat.com/support/errata/RHSA-2008-0857.html http://www.securityfocus.com/bid/31132 http://www& • CWE-193: Off-by-one Error •
CVSS: 2.1EPSS: 0%CPEs: 14EXPL: 0CVE-2008-1945 – qemu/kvm/xen: add image format options for USB storage and removable media
https://notcve.org/view.php?id=CVE-2008-1945
QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004. QEMU 0.9.0 no maneja apropiadamente cambio de medios extraíbles, lo cual permite a usuarios invitados del sistema operativo leer ficheros de su elección en el Host del sistema operativo utilizando el diskformat: parámetro en la opción -usbdevice para modificar la cabecera disk-image para identificar un formato diferente, una cuestión relacionada a CVE-2008-2004. • http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html http://secunia.com/advisories/32063 http://secunia.com/advisories/32088 http://secunia.com/advisories/34642 http://secunia.com/advisories/35031 http://secunia.com/advisories/35062 http://www.debian.org/security/2009/dsa-1799 http://www.mandriva.com/security/advisories?name=MDVSA-2008:162 http://www.securityfocus.com/bid/30604 http://www.securitytracker.com/id?1020959 http://www.ubuntu.com/usn/usn-776& •
CVSS: 2.1EPSS: 0%CPEs: 12EXPL: 0CVE-2008-3272 – kernel snd_seq_oss_synth_make_info leak
https://notcve.org/view.php?id=CVE-2008-3272
The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information. La función snd_seq_oss_synth_make_info de sound/core/seq/oss/seq_oss_synth.c en el subsistema sound de Linux kernel versiones anteriores a 2.6.27-rc2 no verifica que el número de dispositivo esté dentro del rango definido por max_synthdev antes de retornar determinados datos del emisor, lo cual permite a usuarios locales obtener información sensible. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=82e68f7ffec3800425f2391c8c86277606860442 http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.27-rc2 http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html http://li • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 12%CPEs: 9EXPL: 0CVE-2008-2939 – httpd: mod_proxy_ftp globbing XSS
https://notcve.org/view.php?id=CVE-2008-2939
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI. Vulnerabilidad de XSS en proxy_ftp.c en el módulo mod_proxy_ftp en Apache 2.0.63 y en versiones anteriores y mod_proxy_ftp.c en el módulo mod_proxy_ftp en Apache 2.2.9 y en versiones anteriores a 2.2, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de un comodín en el último componente del directorio en el nombre de ruta en una URI FTPI. • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html http://marc.info/?l=bugtraq&m=123376588623823&w=2 http://marc.info/?l=bugtraq&m=125631037611762&w=2 http://rhn.redhat.com/errata/RHSA-2008-0967.html http://secunia.com/advisories/31384 http://secunia.com/advisories/31673 http://secunia.com/advisories/32685 http://secunia.com/advisories/32838 http://secunia.com/advisories/33156&# • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •