CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 5CVE-2011-2928
https://notcve.org/view.php?id=CVE-2011-2928
The befs_follow_link function in fs/befs/linuxvfs.c in the Linux kernel before 3.1-rc3 does not validate the length attribute of long symlinks, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) by accessing a long symlink on a malformed Be filesystem. La función befs_follow_link en fs/befs/linuxvfs.c en el Kernel de Linux anterior a v 3.1-rc3 no valida el atributo longitud de enlaces simbólicos, lo que permite a usuarios locales provocar una denegación de servicio (desreferencia a puntero incorrecta y OOPS) accediendo a un largo enlace simbólico en un fichero de sistema mal formados. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=338d0f0a6fbc82407864606f5b64b75aeb3c70f2 http://securityreason.com/securityalert/8360 http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.1-rc3 http://www.openwall.com/lists/oss-security/2011/08/19/1 http://www.openwall.com/lists/oss-security/2011/08/19/5 http://www.pre-cert.de/advisories/PRE-SA-2011-06.txt http://www.securityfocus.com/archive/1/519387/100/0/threaded http:/ • CWE-476: NULL Pointer Dereference •
CVSS: 3.3EPSS: 0%CPEs: 51EXPL: 1CVE-2011-1833 – kernel: ecryptfs: mount source TOCTOU race
https://notcve.org/view.php?id=CVE-2011-1833
Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid. Condición de carrera en la función ecryptfs_mount en fs/ecryptfs/main.c en el subsistema eCryptfs en el Kernel de Linux anteriores a v3.1 permite a usuarios locales evitar los permisos de ficheros impuestos a través de montar una unidad con mount.ecryptfs_private con un uid que no coincide. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=764355487ea220fdc2faf128d577d7f679b91f97 http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1 http://www.ubuntu.com/usn/USN-1188-1 https://bugzilla.redhat.com/show_bug.cgi?id=731172 https://github.com/torvalds/linux/commit/764355487ea220fdc2faf128d577d7f679b91f97 https://access.redhat.com/security/cve/CVE-2011-1833 • CWE-264: Permissions, Privileges, and Access Controls CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 4.6EPSS: 0%CPEs: 5EXPL: 0CVE-2001-0886
https://notcve.org/view.php?id=CVE-2001-0886
Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character. Desbordamiento de buffer en la función glob de glibc para Red Hat Linux 6.2 a 7.2, y otros sistemas operativos, permite a atacantes causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrarios mediante un patrón de glob que acaba en una llave "{" • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000447 http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-037-01 http://sources.redhat.com/ml/bug-glibc/2001-11/msg00109.html http://www.ciac.org/ciac/bulletins/m-029.shtml http://www.debian.org/security/2002/dsa-103 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-095.php3 http://www.linuxsecurity.com/advisories/other_advisory-1752.html http://www.redhat.com/support/errata/RHSA-2001-160&# •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1335
https://notcve.org/view.php?id=CVE-1999-1335
snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information. • http://www.redhat.com/support/errata/rh40-errata-general.html#cmu-snmp https://exchange.xforce.ibmcloud.com/vulnerabilities/7251 •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1332
https://notcve.org/view.php?id=CVE-1999-1332
gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file. • http://marc.info/?l=bugtraq&m=88603844115233&w=2 http://www.debian.org/security/2003/dsa-308 http://www.iss.net/security_center/static/7241.php http://www.osvdb.org/3812 http://www.redhat.com/support/errata/rh50-errata-general.html#gzip http://www.securityfocus.com/bid/7845 •