Page 980 of 5206 results (0.022 seconds)

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 1

CVE-2006-1342 – Linux Kernel 2.4.x/2.5.x/2.6.x - 'Sockaddr_In.Sin_Zero' Kernel Memory Disclosure

https://notcve.org/view.php?id=CVE-2006-1342

net/ipv4/af_inet.c in Linux kernel 2.4 does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the (1) getsockname, (2) getpeername, and (3) accept functions, which allows local users to obtain portions of potentially sensitive memory. net/ipv4/af_inet.c en el kernel de Linux 2.4 no aclara sockaddr_in.sin_zero antes de devolver los nombres de socket IPv4 de las funciones (1) getsockname, (2) getpeername y (3) accept, lo que permite a usuarios locales obtener porciones de memoria potencialmente sensible. • https://www.exploit-db.com/exploits/27461 http://marc.info/?l=linux-netdev&m=114148078223594&w=2 http://secunia.com/advisories/19357 http://secunia.com/advisories/20398 http://secunia.com/advisories/21035 http://secunia.com/advisories/22875 http://www.kernel.org/git/?p=linux/kernel/git/marcelo/linux-2.4.git%3Ba=commit%3Bh=09d3b3dcfa80c9094f1748c1be064b9326c9ef2b http://www.novell.com/linux/security/advisories/2006-05-31.html http://www.redhat.com/support/errata/RHSA-2006-0579&# •

CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0

CVE-2006-1343

https://notcve.org/view.php?id=CVE-2006-1343

net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGINAL_DST, which allows local users to obtain portions of potentially sensitive memory. net/ipv4/netfilter/ip_conntrack_core.c en el kernel de Linux 2.4 y 2.6 y posiblemente net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c en 2.6, no aclara sockaddr_in.sin_zero antes de devolver los nombres de socket IPv4 desde la función getsockopt con SO_ORIGINAL_DST, lo que permite a usuarios locales obtener porciones de memoria potencialmente sensible. • http://marc.info/?l=linux-netdev&m=114148078223594&w=2 http://secunia.com/advisories/19357 http://secunia.com/advisories/19955 http://secunia.com/advisories/20671 http://secunia.com/advisories/21045 http://secunia.com/advisories/21136 http://secunia.com/advisories/21465 http://secunia.com/advisories/21983 http://secunia.com/advisories/22093 http://secunia.com/advisories/22417 http://secunia.com/advisories/22875 http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm& •

CVSS: 5.0EPSS: 1%CPEs: 156EXPL: 0

CVE-2006-1242

https://notcve.org/view.php?id=CVE-2006-1242

The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which bypasses intended protections against such attacks. • http://secunia.com/advisories/19402 http://secunia.com/advisories/19955 http://secunia.com/advisories/20157 http://secunia.com/advisories/20398 http://secunia.com/advisories/20671 http://secunia.com/advisories/20914 http://secunia.com/advisories/21136 http://secunia.com/advisories/21465 http://secunia.com/advisories/21983 http://secunia.com/advisories/22417 http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm http://support.avaya.com/elmodocs2/security/ASA-2006-200. •

CVSS: 7.1EPSS: 0%CPEs: 89EXPL: 0

CVE-2006-0457

https://notcve.org/view.php?id=CVE-2006-0457

Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x allows local users to cause a denial of service (crash) or read sensitive kernel memory by modifying the length of a string argument between the time that the kernel calculates the length and when it copies the data into kernel memory. • http://secunia.com/advisories/19220 http://secunia.com/advisories/20398 http://secunia.com/advisories/21465 http://secunia.com/advisories/22417 http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm http://www.mandriva.com/security/advisories?name=MDKSA-2006:059 http://www.novell.com/linux/security/advisories/2006-05-31.html http://www.osvdb.org/23894 http://www.redhat.com/support/errata/RHSA-2006-0575.html http://www.securityfocus.com/bid/17084 https://exchange •

CVSS: 4.9EPSS: 0%CPEs: 124EXPL: 0

CVE-2006-0557

https://notcve.org/view.php?id=CVE-2006-0557

sys_mbind in mempolicy.c in Linux kernel 2.6.16 and earlier does not sanity check the maxnod variable before making certain computations for the get_nodes function, which has unknown impact and attack vectors. • http://lkml.org/lkml/2006/2/27/355 http://rhn.redhat.com/errata/RHBA-2007-0304.html http://secunia.com/advisories/19955 http://secunia.com/advisories/20398 http://secunia.com/advisories/20914 http://securitytracker.com/id?1015752 http://www.debian.org/security/2006/dsa-1103 http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=636f13c174dd7c84a437d3c3e8fa66f03f7fda63 http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git& •