CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 13CVE-2014-3153 – Linux Kernel Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2014-3153
05 Jun 2014 — The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification. La función futex_requeue en kernel/futex.c en el kernel de Linux hasta 3.14.5 no asegura que las llamadas tengan dos direcciones futex diferentes, lo que permite a usuarios locales ganar privilegios a través de un comando FUTEX_REQUEUE manipula... • https://www.exploit-db.com/exploits/35370 •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2014-1737 – kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command
https://notcve.org/view.php?id=CVE-2014-1737
11 May 2014 — The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. La función raw_cmd_copyin en drivers/block/floppy.c en el kernel de Linux hasta 3.14.3 no maneja debidamente condiciones de error durante el procesado de una llamada FDRAWCMD ioctl, lo que permite a usuarios locales... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ef87dbe7614341c2e7bfe8d32fcb7028cc97442c • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.1EPSS: 0%CPEs: 12EXPL: 0CVE-2014-1738 – kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command
https://notcve.org/view.php?id=CVE-2014-1738
11 May 2014 — The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device. La función raw_cmd_copyout en drivers/block/floppy.c en el kernel de Linux hasta 3.14.3 no restringe debidamente acceso a ciertos punteros durante el procesamiento de una llamada FDRAWCMD ioctl,... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2145e15e0557a01b9195d1c7199a1b92cb9be81f • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2014-2678 – kernel: net: rds: dereference of a NULL device in rds_iw_laddr_check()
https://notcve.org/view.php?id=CVE-2014-2678
01 Apr 2014 — The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports. La función rds_iw_laddr_check en net/rds/iw.c en el kernel de Linux hasta 3.14 permite a usuarios locales causar una denegación de servicio (referencia a puntero nulo y caída de sistema) o posiblemente tener otro impa... • http://linux.oracle.com/errata/ELSA-2014-0926-1.html • CWE-476: NULL Pointer Dereference •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2011-2306
https://notcve.org/view.php?id=CVE-2011-2306
18 Oct 2011 — Unspecified vulnerability in Oracle Linux 4 and 5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to "Oracle validated." Vulnerabilidad no especificada en Oracle Linux v4 y v5 permite a usuarios remotos autenticados afectar a la confidencialidad y la integridad a través de vectores desconocidos relacionados con "Oracle validado". • http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2008-6560
https://notcve.org/view.php?id=CVE-2008-6560
31 Mar 2009 — Buffer overflow in CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9 and Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of service (CPU consumption and memory corruption) via a cluster.conf file with many lines. NOTE: it is not clear whether this issue crosses privilege boundaries in realistic uses of the product. Desbordamiento de búfer en CMAN - The Cluster Manager versiones anteriores a v2.03.09-1 en Fedora 9 y Red Hat Enterprise Linux (RHEL) 5 permite a atacantes provocar una... • http://git.fedorahosted.org/git/cluster.git?p=cluster.git%3Ba=commitdiff%3Bh=67fee9128e54c6c3fc3eae306b5b501f3029c3be • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 117EXPL: 0CVE-2008-5516 – gitWeb 1.x Remote Command Execution
https://notcve.org/view.php?id=CVE-2008-5516
20 Jan 2009 — The web interface in git (gitweb) 1.5.x before 1.5.5 allows remote attackers to execute arbitrary commands via shell metacharacters related to git_search. La interfaz web en git (gitweb) versiones 1.5.x anteriores a 1.5.5, permite a atacantes remotos ejecutar comandos arbitrarios mediante metacaracteres de shell relacionados con git_search. gitWeb version 1.x suffers from a remote command execution vulnerability. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512330 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.9EPSS: 0%CPEs: 6EXPL: 0CVE-2008-4832
https://notcve.org/view.php?id=CVE-2008-4832
17 Nov 2008 — rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time. rc.sysinit en el paquete initscripts en sus versiones 8.12-8.21 y 8.56.15-0.1 de rPath permite a usuarios locales borrar archivos arbi... • http://secunia.com/advisories/32710 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2007-6283 – bind: /etc/rndc.key has 644 permissions by default
https://notcve.org/view.php?id=CVE-2007-6283
18 Dec 2007 — Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named. Red Hat Enterprise Linux 5 y Fedora instalan el fichero Bind /etc/rndc.key file con permisos de lectura por todos, lo cual permite a usuarios locales realizar comandos no autorizados, como provocar una denegación de servicio por un comando de parada. • http://secunia.com/advisories/28180 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2007-5079 – gdm with xdmcp ignoring tcp_wrappers on x86_64
https://notcve.org/view.php?id=CVE-2007-5079
25 Sep 2007 — Red Hat Enterprise Linux 4 does not properly compile and link gdm with tcp_wrappers on x86_64 platforms, which might allow remote attackers to bypass intended access restrictions. Red Hat Enterprise Linux 4 no compila apropiadamente y enlaza gdm con tcp_wrappers en plataformas x86_64, lo cual podría permitir a atacantes remotos evitar restricciones de acceso intencionadas. • http://www.redhat.com/support/errata/RHSA-2010-0657.html •