CVE-2007-3843 – CIFS signing sec= mount options don't work correctly
https://notcve.org/view.php?id=CVE-2007-3843
The Linux kernel before 2.6.23-rc1 checks the wrong global variable for the CIFS sec mount option, which might allow remote attackers to spoof CIFS network traffic that the client configured for security signatures, as demonstrated by lack of signing despite sec=ntlmv2i in a SetupAndX request.
• http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=246595
http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.23-rc1
http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html
http://secunia.com/advisories/26366
http://secunia.com/advisories/26647
http://secunia.com/advisories/26760
http://secunia.com/advisories/27436
http://secunia.com/advisories/27747
http://secunia.com/ad •
CVE-2007-3105 – Bound check ordering issue in random driver
https://notcve.org/view.php?id=CVE-2007-3105
Stack-based buffer overflow in the random number generator (RNG) implementation in the Linux kernel before 2.6.22 might allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater than the output pool size, which triggers writing random numbers to the stack by the pool transfer function involving "bound check ordering". NOTE: this issue might only cross privilege boundaries in environments that have granular assignment of privileges for root.
• http://secunia.com/advisories/26500
http://secunia.com/advisories/26643
http://secunia.com/advisories/26647
http://secunia.com/advisories/26651
http://secunia.com/advisories/26664
http://secunia.com/advisories/27212
http://secunia.com/advisories/27227
http://secunia.com/advisories/27322
http://secunia.com/advisories/27436
http://secunia.com/advisories/27747
http://secunia.com/advisories/29058
http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm
http://www.debian
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-3945
https://notcve.org/view.php?id=CVE-2007-3945
Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked function return codes.
• http://download.rsbac.org/code/1.3.5/changes-1.3.5.txt
http://secunia.com/advisories/26147
http://securityreason.com/securityalert/2911
http://www.securityfocus.com/archive/1/474161/100/0/threaded
http://www.securityfocus.com/bid/25001
http://www.vupen.com/english/advisories/2007/2610 •
CVE-2007-3380
https://notcve.org/view.php?id=CVE-2007-3380
The Distributed Lock Manager (DLM) in the cluster manager for Linux kernel 2.6.15 allows remote attackers to cause a denial of service (loss of lock services) by connecting to the DLM port, which probably prevents other processes from accessing the service.
• http://osvdb.org/37109
http://secunia.com/advisories/26139
http://secunia.com/advisories/27322
http://www.redhat.com/support/errata/RHSA-2007-0940.html
http://www.securityfocus.com/bid/24968
http://www.ubuntu.com/usn/usn-489-1
http://www.ubuntu.com/usn/usn-489-2
https://exchange.xforce.ibmcloud.com/vulnerabilities/35516
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9337
https://access.redhat.com/security/cve/CVE-2007-3380
https:
• CWE-16: Configuration •
CVE-2007-3720
https://notcve.org/view.php?id=CVE-2007-3720
The process scheduler in the Linux kernel 2.4 performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption) by performing voluntary nanosecond sleeps that result in the process not being active during a clock interrupt, as described in "Secretly Monopolizing the CPU Without Superuser Privileges."
• http://osvdb.org/37126
http://www.cs.huji.ac.il/~dants/papers/Cheat07Security.pdf •