4 results (0.047 seconds)

CVSS: 2.1EPSS: 0%CPEs: 7EXPL: 0

The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption). • http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=829841146878e082613a49581ae252c071057c23 http://linux.bkbits.net:8080/linux-2.6/cset%404346883bQBeBd26syWTKX2CVC5bDcA http://secunia.com/advisories/17114 http://secunia.com/advisories/17280 http://secunia.com/advisories/17364 http://secunia.com/advisories/17826 http://secunia.com/advisories/17917 http://secunia.com/advisories/19374 http://www.debian.org/security/2006/dsa-1017 http://www.mandriva.com/security& • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 10.0EPSS: 1%CPEs: 38EXPL: 1

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. Error 'off-by-one' en el código de canal de OpenSSH 2.0 a 3.0.2 permite a usuarios locales o a servidores remotos ganar privilegios. • https://www.exploit-db.com/exploits/21314 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html http://archives.neohapsis.com/archives/vulnw • CWE-193: Off-by-one Error •

CVSS: 7.5EPSS: 5%CPEs: 12EXPL: 1

Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands. • https://www.exploit-db.com/exploits/20646 http://archives.neohapsis.com/archives/freebsd/2001-04/0607.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000389 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-032.php3 http://www.osvdb.org/5601 http://www.redhat.com/support/errata/RHSA-2001-022.html http://www.redhat.com/support/errata/RHSA-2001-023.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6645 •

CVSS: 2.1EPSS: 0%CPEs: 13EXPL: 2

glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files. • https://www.exploit-db.com/exploits/258 https://www.exploit-db.com/exploits/317 http://archives.neohapsis.com/archives/bugtraq/2001-01/0131.html http://archives.neohapsis.com/archives/bugtraq/2001-01/0186.html http://www.redhat.com/support/errata/RHSA-2001-001.html http://www.securityfocus.com/bid/2181 https://exchange.xforce.ibmcloud.com/vulnerabilities/5907 •