CVE-2007-1592 – IPv6 oops triggerable by any user
https://notcve.org/view.php?id=CVE-2007-1592
net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket.
References:
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=233478
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d35690beda1429544d46c8eb34b2e3a8c37ab299
http://lists.suse.com/archive/suse-security-announce/2007-May/0001.html
http://marc.info/?l=linux-netdev&m=117406721731891&w=2
http://rhn.redhat.com/errata/RHBA-2007-0304.html
http://rhn.redhat.com/errata/RHSA-2007-0436.html
http://secunia.com/advisories/24618
http://secunia.com/advisories/24777
http
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-1496 – Various NULL pointer dereferences in netfilter code
https://notcve.org/view.php?id=CVE-2007-1496
nfnetlink_log in netfilter in the Linux kernel before 2.6.20.3 allows attackers to cause a denial of service (crash) via unspecified vectors involving the (1) nfulnl_recv_config function, (2) using "multiple packets per netlink message", and (3) bridged packets, which trigger a NULL pointer dereference.
References:
http://secunia.com/advisories/24492
http://secunia.com/advisories/25228
http://secunia.com/advisories/25288
http://secunia.com/advisories/25392
http://secunia.com/advisories/25961
http://secunia.com/advisories/26620
http://www.debian.org/security/2007/dsa-1289
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.3
http://www.mandriva.com/security/advisories?name=MDKSA-2007:171
http://www.novell.com/linux/security/advisories/2007_43_kernel.html
http://www
CVE-2007-1497 – IPv6 fragments bypass in nf_conntrack netfilter code
https://notcve.org/view.php?id=CVE-2007-1497
nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments.
References:
http://secunia.com/advisories/24492
http://secunia.com/advisories/25228
http://secunia.com/advisories/25288
http://secunia.com/advisories/25392
http://secunia.com/advisories/25961
http://secunia.com/advisories/26620
http://www.debian.org/security/2007/dsa-1289
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.3
http://www.mandriva.com/security/advisories?name=MDKSA-2007:171
http://www.mandriva.com/security/advisories?name=MDKSA-2007:196
http://www.novell&
CVE-2007-1000 – Linux Kernel < 2.6.20.2 - 'IPv6_Getsockopt_Sticky' Memory Leak
https://notcve.org/view.php?id=CVE-2007-1000
The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference.
References:
https://www.exploit-db.com/exploits/4172
http://bugzilla.kernel.org/show_bug.cgi?id=8134
http://fedoranews.org/cms/node/2787
http://fedoranews.org/cms/node/2788
http://lists.suse.com/archive/suse-security-announce/2007-May/0001.html
http://secunia.com/advisories/24493
http://secunia.com/advisories/24518
http://secunia.com/advisories/24777
http://secunia.com/advisories/24901
http://secunia.com/advisories/25080
http://secunia.com/advisories/25099
http://secunia.com
CVE-2007-1388 – Linux Kernel 2.6.x - IPv6_SockGlue.c Null Pointer Dereference Denial of Service
https://notcve.org/view.php?id=CVE-2007-1388
The do_ipv6_setsockopt function in net/ipv6/ipv6_sockglue.c in Linux kernel before 2.6.20, and possibly other versions, allows local users to cause a denial of service (oops) by calling setsockopt with the IPV6_RTHDR option name and possibly a zero option length or invalid option value, which triggers a NULL pointer dereference.
References:
https://www.exploit-db.com/exploits/29781
http://bugzilla.kernel.org/show_bug.cgi?id=8155
http://lists.suse.com/archive/suse-security-announce/2007-May/0001.html
http://secunia.com/advisories/24777
http://secunia.com/advisories/24901
http://secunia.com/advisories/25080
http://secunia.com/advisories/25099
http://secunia.com/advisories/25392
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.4
http://www.mandriva.com/security/advisories?name=MDKSA-2007:078
CWE-399: Resource Management Errors