Page 581 of 2995 results (0.028 seconds)

CVSS: 6.1EPSS: 4%CPEs: 252EXPL: 0

CVE-2007-2876 – nf}_conntrack_sctp: remotely triggerable NULL ptr dereference

https://notcve.org/view.php?id=CVE-2007-2876

The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference. La función sctp_new en (1) ip_conntrack_proto_sctp.c y (2) nf_conntrack_proto_sctp.c en Netfilter en Linux kernel 2.6 anterior a 2.6.20.13, y 2.6.21.x anterior a 2.6.21.4, permite a atacantes remotos provocar denegación de servicio provocando ciertos estados no válidos que disparan un puntero NULL referenciado. • http://marc.info/?l=linux-kernel&m=118128610219959&w=2 http://marc.info/?l=linux-kernel&m=118128622431272&w=2 http://osvdb.org/37112 http://rhn.redhat.com/errata/RHSA-2007-0488.html http://secunia.com/advisories/25838 http://secunia.com/advisories/25961 http://secunia.com/advisories/26133 http://secunia.com/advisories/26139 http://secunia.com/advisories/26289 http://secunia.com/advisories/26450 http://secunia.com/advisories/26620 http://secunia.com/advisories/ •

CVSS: 1.2EPSS: 0%CPEs: 252EXPL: 0

CVE-2007-2453 – /dev/random broken

https://notcve.org/view.php?id=CVE-2007-2453

The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, (1) does not properly seed pools when there is no entropy, or (2) uses an incorrect cast when extracting entropy, which might cause the random number generator to provide the same values after reboots on systems without an entropy source. La característica de número aleatorio en Linux kernel 2.6 anterior a 2.6.20.13, y 2.6.21.x anterior a 2.6.21.4, (1) no rellena adecuadamente la quiniela cuando no hay entropia, o (2) utiliza un rango incorrecto cuando extrae entropia, lo cual podría provocar que el generado de número aleatorios devuelva los mismos valores después de reiniciar el sistema sin una fuente de entropia. • http://marc.info/?l=linux-kernel&m=118128610219959&w=2 http://marc.info/?l=linux-kernel&m=118128622431272&w=2 http://osvdb.org/37114 http://secunia.com/advisories/25596 http://secunia.com/advisories/25700 http://secunia.com/advisories/25961 http://secunia.com/advisories/26133 http://secunia.com/advisories/26139 http://secunia.com/advisories/26450 http://secunia.com/advisories/26620 http://secunia.com/advisories/26664 http://www.debian.org/security/2007/dsa-1356& •

CVSS: 4.0EPSS: 0%CPEs: 211EXPL: 0

CVE-2006-5823

https://notcve.org/view.php?id=CVE-2006-5823

The zlib_inflate function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via a malformed filesystem that uses zlib compression that triggers memory corruption, as demonstrated using cramfs. La función zlib_inflate en el núcleo de Linux 2.6.x permite a usuarios locales provocar una denegación de servicio (caída) mediante un sistema de ficheros mal formado que utiliza compresión zlib que provoca una corrupción de memoria, como se ha demostrado utilizando cramfs. • http://projects.info-pull.com/mokb/MOKB-07-11-2006.html http://rhn.redhat.com/errata/RHSA-2007-0014.html http://rhn.redhat.com/errata/RHSA-2007-0436.html http://secunia.com/advisories/22767 http://secunia.com/advisories/23474 http://secunia.com/advisories/23997 http://secunia.com/advisories/24098 http://secunia.com/advisories/24206 http://secunia.com/advisories/24259 http://secunia.com/advisories/24482 http://secunia.com/advisories/25630 http://secunia.com/advisori •

CVSS: 1.2EPSS: 0%CPEs: 105EXPL: 2

CVE-2006-5757 – Linux Kernel 2.6.x - 'ISO9660' Denial of Service

https://notcve.org/view.php?id=CVE-2006-5757

Race condition in the __find_get_block_slow function in the ISO9660 filesystem in Linux 2.6.18 and possibly other versions allows local users to cause a denial of service (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed data structures. Condición de carrera en la función __find_get_block_slow en el sistema de ficheros ISO9660 en Linux 2.6.18 y posiblemente otras versiones permite a usuarios locales provocar una denegación de servicio (bucle infinito) montando un sistema de fisheros ISO9660 manipulado que contiene estructuras de datos mal formadas. • https://www.exploit-db.com/exploits/28912 http://projects.info-pull.com/mokb/MOKB-05-11-2006.html http://rhn.redhat.com/errata/RHSA-2007-0014.html http://secunia.com/advisories/22702 http://secunia.com/advisories/22746 http://secunia.com/advisories/23474 http://secunia.com/advisories/23593 http://secunia.com/advisories/23752 http://secunia.com/advisories/23997 http://secunia.com/advisories/24098 http://secunia.com/advisories/24206 http://secunia.com/advisories/25691&# • CWE-17: DEPRECATED: Code CWE-399: Resource Management Errors •

CVSS: 4.9EPSS: 0%CPEs: 107EXPL: 4

CVE-2006-5701 – Linux Kernel 2.6.x - SquashFS Double-Free Denial of Service

https://notcve.org/view.php?id=CVE-2006-5701

Double free vulnerability in squashfs module in the Linux kernel 2.6.x, as used in Fedora Core 5 and possibly other distributions, allows local users to cause a denial of service by mounting a crafted squashfs filesystem. Vulnerabilidad doble-libre en módulo squashfs en el kernel de Linux 2.6.x, tal y como se usa en Fedora Core 5 y posiblemente otras distribuciones, permite a un usuario local provocar denegación de servicio a través del montado manipualado del sistema de ficheros. • https://www.exploit-db.com/exploits/28895 http://projects.info-pull.com/mokb/MOKB-02-11-2006.html http://secunia.com/advisories/22655 http://secunia.com/advisories/23361 http://secunia.com/advisories/23384 http://secunia.com/advisories/24259 http://www.mandriva.com/security/advisories?name=MDKSA-2007:047 http://www.securityfocus.com/bid/20870 http://www.ubuntu.com/usn/usn-395-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/29967 •