CVE-2005-2492
https://notcve.org/view.php?id=CVE-2005-2492
The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allows local users to cause a denial of service (change hardware state) or read from arbitrary memory via crafted input. • http://marc.info/?l=bugtraq&m=112690609622266&w=2 http://secunia.com/advisories/16747 http://secunia.com/advisories/17073 http://secunia.com/advisories/17918 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.13.1 http://www.mandriva.com/security/advisories?name=MDKSA-2005:220 http://www.mandriva.com/security/advisories?name=MDKSA-2005:235 http://www.redhat.com/support/errata/RHSA-2005-514.html http://www.securityfocus.com/archive/1/419522/100/0/threaded htt • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2005-2490
https://notcve.org/view.php?id=CVE-2005-2490
Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread. • http://marc.info/?l=bugtraq&m=112690609622266&w=2 http://secunia.com/advisories/16747 http://secunia.com/advisories/17002 http://secunia.com/advisories/17073 http://secunia.com/advisories/17826 http://secunia.com/advisories/17918 http://secunia.com/advisories/19374 http://www.debian.org/security/2006/dsa-1017 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.13.1 http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 http://www.mandriva.com/ •
CVE-2005-1913
https://notcve.org/view.php?id=CVE-2005-1913
The Linux kernel 2.6 before 2.6.12.1 allows local users to cause a denial of service (kernel panic) via a non group-leader thread executing a different program than was pending in itimer, which causes the signal to be delivered to the old group-leader task, which does not exist. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.1 http://secunia.com/advisories/15786 http://www.securityfocus.com/bid/14054 http://www.ubuntu.com/usn/usn-178-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/21138 •
CVE-2005-2872
https://notcve.org/view.php?id=CVE-2005-2872
The ipt_recent kernel module (ipt_recent.c) in Linux kernel before 2.6.12, when running on 64-bit processors such as AMD64, allows remote attackers to cause a denial of service (kernel panic) via certain attacks such as SSH brute force, which leads to memset calls using a length based on the u_int32_t type, acting on an array of unsigned long elements, a different vulnerability than CVE-2005-2873. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322237 http://secunia.com/advisories/17073 http://secunia.com/advisories/17826 http://secunia.com/advisories/17918 http://secunia.com/advisories/18056 http://secunia.com/advisories/18059 http://www.debian.org/security/2005/dsa-921 http://www.debian.org/security/2005/dsa-922 http://www.kernel.org/git/?p=linux/kernel/git/chrisw/lsm-2.6.git%3Ba=commit%3Bh=bcfff0b471a60df350338bcd727fc9b8a6aa54b2 http://www.mandriva.com/security •
CVE-2005-2873
https://notcve.org/view.php?id=CVE-2005-2873
The ipt_recent kernel module (ipt_recent.c) in Linux kernel 2.6.12 and earlier does not properly perform certain time tests when the jiffies value is greater than LONG_MAX, which can cause ipt_recent netfilter rules to block too early, a different vulnerability than CVE-2005-2872. • http://blog.blackdown.de/2005/05/09/fixing-the-ipt_recent-netfilter-module http://rhn.redhat.com/errata/RHBA-2007-0304.html http://secunia.com/advisories/17826 http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 http://www.mandriva.com/security/advisories?name=MDKSA-2005:220 http://www.mandriva.com/security/advisories?name=MDKSA-2005:235 http://www.securityfocus.com/bid/14791 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9838 •