Page 51 of 338 results (0.015 seconds)

CVSS: 7.5EPSS: 84%CPEs: 4EXPL: 5

CVE-2006-5779

https://notcve.org/view.php?id=CVE-2006-5779

OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure. Vulnerabilidad no especificada en el paquete openldap-2.2.29-1 de OpenLDAP en Fedora Core 4 (FC4), permite a atacantes remotos provocar una denegación de servicio (caída del demonio) mediante cierta combinación de peticiones LDAP BIND que disparan un fallo de aserción. • http://gleg.net/downloads/VULNDISCO_META_FREE.tar.gz http://gleg.net/vulndisco_meta.shtml http://secunia.com/advisories/22750 http://secunia.com/advisories/22953 http://secunia.com/advisories/22996 http://secunia.com/advisories/23125 http://secunia.com/advisories/23133 http://secunia.com/advisories/23152 http://secunia.com/advisories/23170 http://security.gentoo.org/glsa/glsa-200611-25.xml http://securityreason.com/securityalert/1831 http://securitytracker.com/id?1017166 http&# • CWE-617: Reachable Assertion •

CVSS: 5.4EPSS: 3%CPEs: 3EXPL: 2

CVE-2006-5466

https://notcve.org/view.php?id=CVE-2006-5466

Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ru_RU.UTF-8, might allow user-assisted attackers to execute arbitrary code via crafted RPM packages. Desbordamiento de búfer basado en montón en la función shoqQueryPackage en librpm en RPM Package Manager 4.4.8, cuando la variable de entorno LANG tiene el valor ru_RU.UTF-8, podría permitir a atacantes con la intervención del usuario ejecutar código de su elección mediante paquetes RPM manipulados. • http://secunia.com/advisories/22740 http://secunia.com/advisories/22745 http://secunia.com/advisories/22768 http://secunia.com/advisories/22854 http://security.gentoo.org/glsa/glsa-200611-08.xml http://securitytracker.com/id?1017160 http://www.mandriva.com/security/advisories?name=MDKSA-2006:200 http://www.securityfocus.com/bid/20906 http://www.ubuntu.com/usn/usn-378-1 http://www.vupen.com/english/advisories/2006/4350 https://bugzilla.redhat.com/bugzilla/show_bug.cgi? •

CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 0

CVE-2006-5173

https://notcve.org/view.php?id=CVE-2006-5173

Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allows local users to cause a denial of service (process crash), as demonstrated using a process that sets the Alignment Check flag (EFLAGS 0x40000), which triggers a SIGBUS in other processes that have an unaligned access. El núcleo de Linux no guarda o restaura adecuadamente EFLAGS durante un cambio de contexto, o reinicia las banderas al crear nuevos hilos, lo cual permite a usuarios locales provocar una denegación de servicio (caída de proceso), como ha sido demostrado usando un proceso que establece la bandera Alignment Check (EFLAGS 0x40000), lo cual dispara un SIGBUS en otros procesos que tienen acceso no alineado. • http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=47a5c6fa0e204a2b63309c648bb2fde36836c826 http://secunia.com/advisories/23361 http://secunia.com/advisories/23384 http://secunia.com/advisories/23474 http://secunia.com/advisories/23593 http://secunia.com/advisories/25691 http://www.mandriva.com/security/advisories?name=MDKSA-2007:002 http://www.novell.com/linux/security/advisories/2006_79_kernel.html http://www.securityfocus.com/archive/1/471457 http://w •

CVSS: 7.5EPSS: 5%CPEs: 7EXPL: 1

CVE-2006-4997

https://notcve.org/view.php?id=CVE-2006-4997

The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference). La función clip_mkip en net/atm/clip.c del subsistema ATM en el núcleo Linux permite a atacantes remotos provocar una denegación de servicio (panico) mediante vectores no identificados que provocan que el subsisstema ATM acceda a la memoria de búferes de sockets después de que hayan sido liberados (referencia a puntero liberado). • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=206265 http://secunia.com/advisories/22253 http://secunia.com/advisories/22279 http://secunia.com/advisories/22292 http://secunia.com/advisories/22497 http://secunia.com/advisories/22762 http://secunia.com/advisories/22945 http://secunia.com/advisories/23064 http://secunia.com/advisories/23370 http://secunia.com/advisories/23384 http://secunia.com/advisories/23395 http://secunia.com/advisories/23474 http://secunia.com/ • CWE-416: Use After Free •

CVSS: 7.5EPSS: 7%CPEs: 8EXPL: 0

CVE-2006-5158 – NFS lockd deadlock

https://notcve.org/view.php?id=CVE-2006-5158

The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (process crash) and deny access to NFS exports via unspecified vectors that trigger a kernel oops (null dereference) and a deadlock. El nlmclnt_mark_reclaim en clntlock.c en NFS lockd en el kernel de Linux en versiones anteriores a 2.6.16 permite a atacantes remotos provocar una denegación de servicio (caída de proceso) y denegación de acceso a exportaciones NFS a través de vectores no especificados que desencadenan un oops en el kernel (referencia nula) y bloqueo mutuo. • http://marc.info/?l=linux-kernel&m=113476665626446&w=2 http://marc.info/?l=linux-kernel&m=113494474208973&w=2 http://rhn.redhat.com/errata/RHSA-2007-0488.html http://secunia.com/advisories/23361 http://secunia.com/advisories/23384 http://secunia.com/advisories/23752 http://secunia.com/advisories/25838 http://secunia.com/advisories/26289 http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2 • CWE-667: Improper Locking •