CVE-2008-4445 – kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option
https://notcve.org/view.php?id=CVE-2008-4445
The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream Control Transmission Protocol (SCTP) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, does not verify that each HMAC identifier supplied through the SCTP_HMAC_IDENT socket option lies within the bounds established by SCTP_AUTH_HMAC_ID_MAX. The unchecked identifier is later used as an index into the kernel's HMAC table when the option is read back through sctp_getsockopt, which allows local users to obtain sensitive information from kernel memory via a crafted SCTP_HMAC_IDENT request. This is a different vulnerability than CVE-2008-4113.
• http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git%3Ba=commit%3Bh=d97240552cd98c4b07322f30f66fd9c3ba4171de
• http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html
• http://marc.info/?l=linux-sctp&m=121986743009093&w=2
• http://marc.info/?l=linux-sctp&m=121986743209110&w=2
• http://secunia.com/advisories/32190
• http://secunia.com/advisories/32315
• http://secunia.com/advisories/32393
• http://www.debian.org/security/2008/dsa-1655
• http://www.kernel.
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
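The bounds check the fix adds, as an added example in userspace C that is not the kernel's own code: it models the fixed-size HMAC table from net/sctp/auth.c, a per-endpoint identifier list of the kind setsockopt(SCTP_HMAC_IDENT) fills, the pre-fix setter that stores whatever identifiers the user supplies, the post-fix setter that rejects anything above SCTP_AUTH_HMAC_ID_MAX before it can be used as an index, and the later lookup that would otherwise read past the table. The table layout, struct and helper names, MAX_IDENTS and the specific error codes are this example's own assumptions; the real unpatched lookup performed the out-of-bounds read, while this model reports it instead of performing it.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Model of the kernel's fixed-size HMAC table (ids from RFC 4895; layout is
 * an assumption for illustration). Past SCTP_AUTH_HMAC_ID_MAX lies unrelated
 * kernel memory. */
#define SCTP_AUTH_HMAC_ID_SHA1   1
#define SCTP_AUTH_HMAC_ID_SHA256 3
#define SCTP_AUTH_HMAC_ID_MAX    SCTP_AUTH_HMAC_ID_SHA256
#define SCTP_AUTH_NUM_HMACS      (SCTP_AUTH_HMAC_ID_MAX + 1)

struct sctp_hmac {
    const char *hmac_name;  /* NULL marks a reserved, unsupported id */
    uint16_t    hmac_len;   /* digest length in bytes */
};

/* Ids 0 and 2 are reserved and stay zero-filled (no name, no length). */
static const struct sctp_hmac sctp_hmac_list[SCTP_AUTH_NUM_HMACS] = {
    [SCTP_AUTH_HMAC_ID_SHA1]   = { "hmac(sha1)",   20 },
    [SCTP_AUTH_HMAC_ID_SHA256] = { "hmac(sha256)", 32 },
};

/* Per-endpoint list that setsockopt(SCTP_HMAC_IDENT) fills (capacity assumed). */
#define MAX_IDENTS 8
struct endpoint {
    uint16_t num_idents;
    uint16_t idents[MAX_IDENTS];
};

/* Pre-fix setter: identifiers are stored as-is. Storing is harmless; the
 * damage comes when one is later used as a table index. */
static int set_hmacs_unchecked(struct endpoint *ep, const uint16_t *ids, size_t n)
{
    if (n == 0 || n > MAX_IDENTS)
        return -EINVAL;
    ep->num_idents = (uint16_t)n;
    memcpy(ep->idents, ids, n * sizeof ids[0]);
    return 0;
}

/* Post-fix setter: range-check against SCTP_AUTH_HMAC_ID_MAX before an id can
 * ever index the table, refuse reserved ids, and require SHA-1, which
 * RFC 4895 makes mandatory. */
static int set_hmacs_checked(struct endpoint *ep, const uint16_t *ids, size_t n)
{
    int has_sha1 = 0;
    if (n == 0 || n > MAX_IDENTS)
        return -EINVAL;
    for (size_t i = 0; i < n; i++) {
        if (ids[i] > SCTP_AUTH_HMAC_ID_MAX || !sctp_hmac_list[ids[i]].hmac_name)
            return -EOPNOTSUPP;
        if (ids[i] == SCTP_AUTH_HMAC_ID_SHA1)
            has_sha1 = 1;
    }
    if (!has_sha1)
        return -EINVAL;
    ep->num_idents = (uint16_t)n;
    memcpy(ep->idents, ids, n * sizeof ids[0]);
    return 0;
}

/* The consumer (getsockopt(SCTP_HMAC_IDENT) and HMAC selection) indexes the
 * table by the stored id. Returns the digest length or a negative errno. The
 * out-of-bounds case is reported here, not performed: the unpatched kernel
 * read whatever followed sctp_hmac_list and handed it to the caller. */
static int hmac_len_for_ident(const struct endpoint *ep, size_t i)
{
    uint16_t id;
    if (i >= ep->num_idents)
        return -EINVAL;
    id = ep->idents[i];
    if (id >= SCTP_AUTH_NUM_HMACS)
        return -EFAULT;  /* would have read past the table */
    if (!sctp_hmac_list[id].hmac_name)
        return -EOPNOTSUPP;
    return sctp_hmac_list[id].hmac_len;
}

/* Both setters fed the attack's shape: SHA-1 followed by an id far past the table. */
static int unchecked_path(void)
{
    struct endpoint ep = { 0 };
    const uint16_t ids[] = { SCTP_AUTH_HMAC_ID_SHA1, 0x1234 };
    int rc = set_hmacs_unchecked(&ep, ids, 2);
    return rc ? rc : hmac_len_for_ident(&ep, 1);  /* -EFAULT: read past the table */
}

static int checked_path(void)
{
    struct endpoint ep = { 0 };
    const uint16_t ids[] = { SCTP_AUTH_HMAC_ID_SHA1, 0x1234 };
    return set_hmacs_checked(&ep, ids, 2);  /* -EOPNOTSUPP: refused at set time */
}

int main(void)
{
    printf("unchecked setter then lookup: %d (-EFAULT is %d)\n", unchecked_path(), -EFAULT);
    printf("checked setter: %d (-EOPNOTSUPP is %d)\n", checked_path(), -EOPNOTSUPP);
    return 0;
}
```

The point to take from the two setters is where the check lives: validating at the moment the user-controlled identifier enters the kernel, rather than at each later use, is what closes every consumer of the list at once.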
CVE-2008-4410
https://notcve.org/view.php?id=CVE-2008-4410
The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry was intended, so LDT descriptor updates are passed through the wrong VMI hook. This allows local users to cause a denial of service (persistent application failure) via crafted function calls; it was observed as the Java Runtime Environment (JRE) running with improper LDT selector state. This is a different vulnerability than CVE-2008-3247.
• http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git%3Ba=commit%3Bh=de59985e3a623d4d5d6207f1777398ca0606ab1c
• http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html
• http://osvdb.org/48743
• http://secunia.com/advisories/32124
• http://secunia.com/advisories/32386
• http://www.openwall.com/lists/oss-security/2008/10/03/3
• http://www.securityfocus.com/bid/31565
• https://exchange.xforce.ibmcloud.com/vulnerabilities/45687
• https://www.redhat.com/archives/fedora
• CWE-20: Improper Input Validation
CVE-2008-3832 – Linux Kernel (Fedora 8/9) - 'utrace_control' Null Pointer Dereference Denial of Service
https://notcve.org/view.php?id=CVE-2008-3832
A certain Fedora patch for the utrace subsystem in the Linux kernel before 2.6.26.5-28 on Fedora 8, and before 2.6.26.5-45 on Fedora 9, allows local users to cause a denial of service (NULL pointer dereference and system crash or hang) via a call to the utrace_control function.
• https://www.exploit-db.com/exploits/32451
• http://kerneloops.org/oops.php?number=56705
• http://www.openwall.com/lists/oss-security/2008/10/02/1
• http://www.securityfocus.com/bid/31536
• https://bugzilla.redhat.com/show_bug.cgi?id=464883
• https://exchange.xforce.ibmcloud.com/vulnerabilities/45644
• CWE-399: Resource Management Errors
CVE-2008-3833 – kernel: remove SUID when splicing into an inode
https://notcve.org/view.php?id=CVE-2008-3833
The generic_file_splice_write function in fs/splice.c in the Linux kernel before 2.6.19 does not strip the setuid and setgid bits when file data is written through splice, as the ordinary write path does. This allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by splicing into an inode in order to create an executable file in a setgid directory. This is a different vulnerability than CVE-2008-4210.
• http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.19.y.git%3Ba=commit%3Bh=8c34e2d63231d4bf4852bac8521883944d770fe3
• http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
• http://openwall.com/lists/oss-security/2008/10/03/1
• http://secunia.com/advisories/32237
• http://secunia.com/advisories/32485
• http://secunia.com/advisories/32759
• http://www.debian.org/security/2008/dsa-1653
• http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.19/ChangeLog-2
• CWE-264: Permissions, Privileges, and Access Controls
CVE-2008-4210 – Linux Kernel < 2.6.22 - 'ftruncate()'/'open()' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2008-4210
fs/open.c in the Linux kernel before 2.6.22 does not strip the setuid and setgid bits when a file's size is changed with (1) truncate or (2) ftruncate. Combined with memory-mapped I/O, which also bypasses the stripping done by the ordinary write path, this lets a local user set a file's length and fill its contents without ever losing the bits, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory.
• https://www.exploit-db.com/exploits/6851
• http://bugzilla.kernel.org/show_bug.cgi?id=8420
• http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git%3Ba=commit%3Bh=7b82dc0e64e93f430182f36b46b79fcee87d3532
• http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22
• http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00007.html
• http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
• http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00000
• CWE-264: Permissions, Privileges, and Access Controls
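The stripping rule that both CVE-2008-3833 and CVE-2008-4210 bypass, as an added example in C that is neither the kernel's code nor the exploit linked above: bits_to_kill models the kernel's should_remove_suid() rule (setuid always dropped, setgid dropped only when group-exec is set, a CAP_FSETID writer exempt), mode_after_stripping_write applies it as the write paths do once they are fixed, and probe_ftruncate_strips_sgid reproduces on the running kernel the step the attack relied on, creating a setgid file inside a setgid directory and growing it with ftruncate, then reports whether setgid survives. The function names, the KILL_* flags, the /tmp location and the 4096-byte size are this example's own assumptions; the probe uses only the caller's own group and a private directory, so it grants nothing.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Kill flags, after the kernel's ATTR_KILL_SUID / ATTR_KILL_SGID. */
#define KILL_SUID 0x1
#define KILL_SGID 0x2

/* Which privilege bits a data-changing operation on a file of this mode must
 * drop, modelled on the kernel's should_remove_suid(): setuid always goes;
 * setgid goes only when group-exec is also set, because setgid without
 * group-exec is the mandatory-locking marker, not a privilege. A writer with
 * CAP_FSETID (root) is exempt, which is why the probe below reports nothing
 * stripped when run as root. */
static int bits_to_kill(mode_t mode, int writer_has_cap_fsetid)
{
    int kill = 0;

    if (mode & S_ISUID)
        kill |= KILL_SUID;
    if ((mode & S_ISGID) && (mode & S_IXGRP))
        kill |= KILL_SGID;
    return writer_has_cap_fsetid ? 0 : kill;
}

/* Mode left behind by a path that applies the strip. Before the fixes only
 * write(2) did; the two CVEs are the splice and [f]truncate paths that
 * changed file data without it. */
static mode_t mode_after_stripping_write(mode_t mode, int writer_has_cap_fsetid)
{
    int kill = bits_to_kill(mode, writer_has_cap_fsetid);

    if (kill & KILL_SUID)
        mode &= ~(mode_t)S_ISUID;
    if (kill & KILL_SGID)
        mode &= ~(mode_t)S_ISGID;
    return mode;
}

/* Live probe of the [f]truncate path on the running kernel. It reproduces
 * how the attack obtained the bit: in a setgid directory, open(2) with
 * O_CREAT and S_ISGID in the mode yields a file that carries setgid and the
 * directory's group. It then grows the file with ftruncate(2) and reports
 * whether the kernel dropped S_ISGID. Returns 1 (stripped: patched kernel),
 * 0 (retained: the unpatched behaviour, or a CAP_FSETID writer), or -1 if
 * the setup could not be completed. Uses only the caller's own group. */
static int probe_ftruncate_strips_sgid(void)
{
    char dir[] = "/tmp/sgid-probe-XXXXXX";
    char path[64];
    struct stat st;
    int fd, result = -1;

    if (!mkdtemp(dir))
        return -1;
    if (chmod(dir, S_ISGID | S_IRWXU | S_IRWXG) != 0)
        goto out_dir;
    snprintf(path, sizeof path, "%s/payload", dir);
    fd = open(path, O_CREAT | O_EXCL | O_RDWR,
              S_ISGID | S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH);
    if (fd < 0)
        goto out_dir;
    if (fstat(fd, &st) != 0 || !(st.st_mode & S_ISGID))
        goto out_file;  /* bit refused at creation: nothing to measure */
    if (ftruncate(fd, 4096) != 0 || fstat(fd, &st) != 0)
        goto out_file;
    result = (st.st_mode & S_ISGID) ? 0 : 1;
out_file:
    close(fd);
    unlink(path);
out_dir:
    rmdir(dir);
    return result;
}

int main(void)
{
    mode_t m = S_ISGID | S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH;  /* 02755 */

    printf("02755 after a stripping write: %04o\n",
           (unsigned)mode_after_stripping_write(m, 0));
    printf("02644 after a stripping write: %04o (locking marker kept)\n",
           (unsigned)mode_after_stripping_write(S_ISGID | 0644, 0));
    printf("ftruncate on this kernel strips setgid: %d\n", probe_ftruncate_strips_sgid());
    return 0;
}
```

Run the probe as an unprivileged user: on a kernel with the 2.6.22 fix it prints 1, because do_truncate now applies the same strip as write(2). A 0 from root is the CAP_FSETID exemption, not a vulnerable kernel, which is also why a regression test for this class of bug must never run as root.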