Professional OVAL Repository
OVAL Definition Details
Id
oval:ru.altx-soft.nix:def:14065
Version
2
Class
patch
ALTXid
138930
Language
Russian
Severity
NotAvailable
Title
USN-302-1 update -- Linux kernel vulnerabilities
Description
An integer overflow was discovered in the do_replace() function. A
local user process with the CAP_NET_ADMIN capability could exploit
this to execute arbitrary commands with full root privileges.
However, none of Ubuntu's supported packages use this capability with
any non-root user, so this only affects you if you use some third
party software like the OpenVZ virtualization system. (CVE-2006-0038)
Family
unix
Platform
Ubuntu 5.04
Ubuntu 5.10
Ubuntu 6.06
Product
linux-image
Reference
VENDOR: USN-302-1
Id:
USN-302-1
Reference:
http://www.ubuntu.com/usn/usn-302-1/
CVE: CVE-2006-0038
Id:
CVE-2006-0038
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0038
Comment:
Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function.
CVSSv2 Score:
6.9
Access vector:
LOCAL
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C
CWE:
189 (Numeric Errors)
References:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=186295 (CONFIRM)
17178 (BID)
19330 (SECUNIA)
DSA-1097 (DEBIAN)
20671 (SECUNIA)
USN-302-1 (UBUNTU)
20716 (SECUNIA)
DSA-1103 (DEBIAN)
20914 (SECUNIA)
RHSA-2006:0575 (REDHAT)
21465 (SECUNIA)
http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm (CONFIRM)
22417 (SECUNIA)
ADV-2006-1046 (VUPEN)
ADV-2006-2554 (VUPEN)
linux-netfilter-doreplace-overflow(25400) (XF)
oval:org.mitre.oval:def:10945 (OVAL)
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ee4bb818ae35f68d1f848eae0a7b150a38eb4168 (MISC)
CVE: CVE-2006-0744
Id:
CVE-2006-0744
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0744
Comment:
Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS.
CVSSv2 Score:
4.9
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C
CWE:
20 (Improper Input Validation)
References:
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.5 (CONFIRM)
FEDORA-2006-423 (FEDORA)
19639 (SECUNIA)
19735 (SECUNIA)
20157 (SECUNIA)
20237 (SECUNIA)
20398 (SECUNIA)
20716 (SECUNIA)
20914 (SECUNIA)
21136 (SECUNIA)
21179 (SECUNIA)
21498 (SECUNIA)
21745 (SECUNIA)
21983 (SECUNIA)
http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm (CONFIRM)
http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm (CONFIRM)
DSA-1103 (DEBIAN)
MDKSA-2006:086 (MANDRIVA)
MDKSA-2006:150 (MANDRIVA)
SUSE-SA:2006:028 (SUSE)
SUSE-SA:2006:042 (SUSE)
SUSE-SA:2006:047 (SUSE)
24639 (OSVDB)
RHSA-2006:0437 (REDHAT)
RHSA-2006:0493 (REDHAT)
17541 (BID)
USN-302-1 (UBUNTU)
ADV-2006-1390 (VUPEN)
ADV-2006-1475 (VUPEN)
ADV-2006-2554 (VUPEN)
linux-uncanonical-addr-dos(25869) (XF)
oval:org.mitre.oval:def:9732 (OVAL)
CVE: CVE-2006-1055
Id:
CVE-2006-1055
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1055
Comment:
The fill_write_buffer function in sysfs/file.c in Linux kernel 2.6.12 up to versions before 2.6.17-rc1 does not zero terminate a buffer when a length of PAGE_SIZE or more is requested, which might allow local users to cause a denial of service (crash) by causing an out-of-bounds read.
CVSSv2 Score:
4.9
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C
CWE:
CWE-Other ()
References:
2006-0020 (TRUSTIX)
17402 (BID)
19495 (SECUNIA)
19955 (SECUNIA)
SUSE-SA:2006:028 (SUSE)
USN-302-1 (UBUNTU)
20716 (SECUNIA)
20398 (SECUNIA)
FEDORA-2006-423 (FEDORA)
24443 (OSVDB)
19735 (SECUNIA)
ADV-2006-1273 (VUPEN)
ADV-2006-1475 (VUPEN)
linux-fillwritebuffer-dos(25693) (XF)
USN-281-1 (UBUNTU)
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e0dd741a89be35defa05bd79f4211c5a2762825 ()
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=6e0dd741a89be35defa05bd79f4211c5a2762825%3Bhp=597a7679dd83691be2f3a53e1f3f915b4a7f6eba ()
CVE: CVE-2006-1056
Id:
CVE-2006-1056
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1056
Comment:
The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels.
CVSSv2 Score:
2.1
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
NONE
Availability impact:
NONE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N
CWE:
310 (Cryptographic Issues)
References:
FreeBSD-SA-06:14 (FREEBSD)
http://kb.vmware.com/kb/2533126 (CONFIRM)
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.9 (CONFIRM)
SUSE-SU-2014:0446 (SUSE)
FEDORA-2006-423 (FEDORA)
[linux-kernel] 20060419 RE: Linux 2.6.16.9 (MLIST)
19715 (SECUNIA)
19724 (SECUNIA)
19735 (SECUNIA)
20398 (SECUNIA)
20671 (SECUNIA)
20716 (SECUNIA)
20914 (SECUNIA)
21035 (SECUNIA)
21136 (SECUNIA)
21465 (SECUNIA)
21983 (SECUNIA)
22417 (SECUNIA)
22875 (SECUNIA)
22876 (SECUNIA)
http://security.freebsd.org/advisories/FreeBSD-SA-06:14-amd.txt (MISC)
1015966 (SECTRACK)
http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm (CONFIRM)
http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm (CONFIRM)
DSA-1097 (DEBIAN)
DSA-1103 (DEBIAN)
SUSE-SA:2006:028 (SUSE)
24746 (OSVDB)
24807 (OSVDB)
RHSA-2006:0437 (REDHAT)
RHSA-2006:0575 (REDHAT)
RHSA-2006:0579 (REDHAT)
20060419 FreeBSD Security Advisory FreeBSD-SA-06:14.fpu (BUGTRAQ)
20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4 (BUGTRAQ)
20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2 (BUGTRAQ)
20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1 (BUGTRAQ)
20061113 VMSA-2006-0009 - VMware ESX Server 3.0.0 AMD fxsave/restore issue (BUGTRAQ)
17600 (BID)
USN-302-1 (UBUNTU)
http://www.vmware.com/download/esx/esx-213-200610-patch.html (CONFIRM)
http://www.vmware.com/download/esx/esx-254-200610-patch.html (CONFIRM)
ADV-2006-1426 (VUPEN)
ADV-2006-1475 (VUPEN)
ADV-2006-2554 (VUPEN)
ADV-2006-4353 (VUPEN)
ADV-2006-4502 (VUPEN)
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187910 (CONFIRM)
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187911 (CONFIRM)
amd-fpu-information-disclosure(25871) (XF)
oval:org.mitre.oval:def:9995 (OVAL)
CVE: CVE-2006-1522
Id:
CVE-2006-1522
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1522
Comment:
The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 and 2.6.17-rc1, and possibly earlier versions, allows local users to cause a denial of service (OOPS) via keyctl requests that add a key to a user key instead of a keyring key, which causes an invalid dereference in the __keyring_search_one function.
CVSSv2 Score:
4.9
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C
CWE:
20 (Improper Input Validation)
References:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=188466 (CONFIRM)
17451 (BID)
19573 (SECUNIA)
20157 (SECUNIA)
RHSA-2006:0493 (REDHAT)
20237 (SECUNIA)
USN-302-1 (UBUNTU)
20716 (SECUNIA)
http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm (CONFIRM)
21745 (SECUNIA)
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.3 (CONFIRM)
FEDORA-2006-423 (FEDORA)
24507 (OSVDB)
19735 (SECUNIA)
MDKSA-2006:086 (MANDRIVA)
ADV-2006-1307 (VUPEN)
ADV-2006-1475 (VUPEN)
linux-keyringsearchone-dos(25722) (XF)
oval:org.mitre.oval:def:9325 (OVAL)
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c3a9d6541f84ac3ff566982d08389b87c1c36b4e (MISC)
CVE: CVE-2006-1527
Id:
CVE-2006-1527
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1527
Comment:
The SCTP-netfilter code in Linux kernel before 2.6.16.13 allows remote attackers to trigger a denial of service (infinite loop) via unknown vectors that cause an invalid SCTP chunk size to be processed by the for_each_sctp_chunk function.
CVSSv2 Score:
5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE:
CWE-Other ()
References:
19926 (SECUNIA)
20157 (SECUNIA)
20237 (SECUNIA)
20398 (SECUNIA)
20716 (SECUNIA)
21745 (SECUNIA)
http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm (CONFIRM)
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.13 (CONFIRM)
MDKSA-2006:086 (MANDRIVA)
SUSE-SA:2006:028 (SUSE)
25229 (OSVDB)
RHSA-2006:0493 (REDHAT)
17806 (BID)
2006-0024 (TRUSTIX)
USN-302-1 (UBUNTU)
ADV-2006-1632 (VUPEN)
linux-sctp-netfilter-dos(26194) (XF)
oval:org.mitre.oval:def:10373 (OVAL)
CVE: CVE-2006-1528
Id:
CVE-2006-1528
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1528
Comment:
Linux kernel before 2.6.13 allows local users to cause a denial of service (crash) via a dio transfer from the sg driver to memory mapped (mmap) IO space.
CVSSv2 Score:
4.9
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C
CWE:
20 (Improper Input Validation)
References:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168791 (CONFIRM)
RHSA-2006:0493 (REDHAT)
20237 (SECUNIA)
18101 (BID)
USN-302-1 (UBUNTU)
20716 (SECUNIA)
21045 (SECUNIA)
SUSE-SA:2006:042 (SUSE)
21179 (SECUNIA)
http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.1 (CONFIRM)
SUSE-SA:2006:047 (SUSE)
21555 (SECUNIA)
http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm (CONFIRM)
21745 (SECUNIA)
DSA-1183 (DEBIAN)
DSA-1184 (DEBIAN)
22082 (SECUNIA)
22093 (SECUNIA)
21498 (SECUNIA)
MDKSA-2006:123 (MANDRIVA)
ADV-2006-3330 (VUPEN)
http://marc.info/?l=linux-scsi&m=112540053711489&w=2 (MISC)
kernel-sg-dos(28510) (XF)
oval:org.mitre.oval:def:11037 (OVAL)
http://linux.bkbits.net:8080/linux-2.6/cset%4043220081yu9ClBQNuqSSnW_9amW7iQ (MISC)
CVE: CVE-2006-1855
Id:
CVE-2006-1855
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1855
Comment:
choose_new_parent in Linux kernel before 2.6.11.12 includes certain debugging code, which allows local users to cause a denial of service (panic) by causing certain circumstances involving termination of a parent process.
CVSSv2 Score:
2.1
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:P
CWE:
CWE-Other ()
References:
20237 (SECUNIA)
20716 (SECUNIA)
21179 (SECUNIA)
21745 (SECUNIA)
22093 (SECUNIA)
http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm (CONFIRM)
DSA-1184 (DEBIAN)
SUSE-SA:2006:042 (SUSE)
RHSA-2006:0493 (REDHAT)
18099 (BID)
USN-302-1 (UBUNTU)
https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=127302 (MISC)
oval:org.mitre.oval:def:11235 (OVAL)
CVE: CVE-2006-1856
Id:
CVE-2006-1856
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1856
Comment:
Certain modifications to the Linux kernel 2.6.16 and earlier do not add the appropriate Linux Security Modules (LSM) file_permission hooks to the (1) readv and (2) writev functions, which might allow attackers to bypass intended access restrictions.
CVSSv2 Score:
7.5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE:
CWE-Other ()
References:
[linux-security-module] 20050928 readv/writev syscalls are not checked by lsm (MLIST)
20237 (SECUNIA)
20716 (SECUNIA)
21045 (SECUNIA)
21745 (SECUNIA)
22093 (SECUNIA)
http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm (CONFIRM)
DSA-1184 (DEBIAN)
MDKSA-2006:123 (MANDRIVA)
25747 (OSVDB)
RHSA-2006:0493 (REDHAT)
18105 (BID)
USN-302-1 (UBUNTU)
[linux-kernel] 20060426 [PATCH] LSM: add missing hook to do_compat_readv_writev() (MLIST)
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=191524 (CONFIRM)
oval:org.mitre.oval:def:9927 (OVAL)
CVE: CVE-2006-1857
Id:
CVE-2006-1857
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1857
Comment:
Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed HB-ACK chunk.
CVSSv2 Score:
9
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:C
CWE:
119 (Improper Restriction of Operations within the Bounds of a Memory Buffer)
References:
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.17 (CONFIRM)
20185 (SECUNIA)
20671 (SECUNIA)
20716 (SECUNIA)
20914 (SECUNIA)
21045 (SECUNIA)
21179 (SECUNIA)
21465 (SECUNIA)
21476 (SECUNIA)
21498 (SECUNIA)
22417 (SECUNIA)
http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm (CONFIRM)
DSA-1097 (DEBIAN)
DSA-1103 (DEBIAN)
MDKSA-2006:123 (MANDRIVA)
MDKSA-2006:150 (MANDRIVA)
SUSE-SA:2006:042 (SUSE)
SUSE-SA:2006:047 (SUSE)
25695 (OSVDB)
RHSA-2006:0575 (REDHAT)
18085 (BID)
USN-302-1 (UBUNTU)
ADV-2006-1893 (VUPEN)
ADV-2006-2554 (VUPEN)
linux-sctp-hback-dos(26584) (XF)
oval:org.mitre.oval:def:10622 (OVAL)
CVE: CVE-2006-1858
Id:
CVE-2006-1858
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1858
Comment:
SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters.
CVSSv2 Score:
7.8
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CWE:
20 (Improper Input Validation)
References:
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.17 (CONFIRM)
20185 (SECUNIA)
20671 (SECUNIA)
20716 (SECUNIA)
20914 (SECUNIA)
21045 (SECUNIA)
21179 (SECUNIA)
21476 (SECUNIA)
21498 (SECUNIA)
21605 (SECUNIA)
22174 (SECUNIA)
http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm (CONFIRM)
DSA-1097 (DEBIAN)
DSA-1103 (DEBIAN)
MDKSA-2006:123 (MANDRIVA)
MDKSA-2006:150 (MANDRIVA)
SUSE-SA:2006:042 (SUSE)
SUSE-SA:2006:047 (SUSE)
25696 (OSVDB)
RHSA-2006:0617 (REDHAT)
18085 (BID)
USN-302-1 (UBUNTU)
ADV-2006-1893 (VUPEN)
ADV-2006-2554 (VUPEN)
linux-sctp-parameter-dos(26585) (XF)
oval:org.mitre.oval:def:9510 (OVAL)
CVE: CVE-2006-1859
Id:
CVE-2006-1859
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1859
Comment:
Memory leak in __setlease in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (memory consumption) via unspecified actions related to an "uninitialised return value," aka "slab leak."
CVSSv2 Score:
2.1
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:P
CWE:
CWE-Other ()
References:
20083 (SECUNIA)
2006-0028 (TRUSTIX)
18033 (BID)
USN-302-1 (UBUNTU)
20716 (SECUNIA)
21045 (SECUNIA)
SUSE-SA:2006:042 (SUSE)
21179 (SECUNIA)
MDKSA-2006:123 (MANDRIVA)
ADV-2006-1767 (VUPEN)
linux-locks-setlease-dos(26438) (XF)
http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git%3Ba=commit%3Bh=1f0e637c94a9b041833947c79110d6c02fff8618 ()
http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git%3Ba=blobdiff%3Bh=aa7f66091823dde953e15895dc427615701c39c7%3Bhp=e75ac392a313f3fad823bf2e46a03f29701e3e34%3Bhb=1f0e637c94a9b041833947c79110d6c02fff8618%3Bf=fs/locks.c ()
CVE: CVE-2006-1860
Id:
CVE-2006-1860
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1860
Comment:
lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (fcntl_setlease lockup) via actions that cause lease_init to free a lock that might not have been allocated on the stack.
CVSSv2 Score:
2.1
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:P
CWE:
CWE-Other ()
References:
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.16 (CONFIRM)
17943 (BID)
20083 (SECUNIA)
25425 (OSVDB)
2006-0028 (TRUSTIX)
USN-302-1 (UBUNTU)
20716 (SECUNIA)
21045 (SECUNIA)
SUSE-SA:2006:042 (SUSE)
21179 (SECUNIA)
MDKSA-2006:123 (MANDRIVA)
ADV-2006-1767 (VUPEN)
linux-locks-lease-init-dos(26437) (XF)
http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git%3Ba=commit%3Bh=1f0e637c94a9b041833947c79110d6c02fff8618 ()
http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git%3Ba=blobdiff%3Bh=aa7f66091823dde953e15895dc427615701c39c7%3Bhp=e75ac392a313f3fad823bf2e46a03f29701e3e34%3Bhb=1f0e637c94a9b041833947c79110d6c02fff8618%3Bf=fs/locks.c ()
CVE: CVE-2006-1863
Id:
CVE-2006-1863
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1863
Comment:
Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences, a similar vulnerability to CVE-2006-1864.
CVSSv2 Score:
2.1
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
NONE
Availability impact:
NONE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N
CWE:
CWE-Other ()
References:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189434 (CONFIRM)
17742 (BID)
19868 (SECUNIA)
2006-0024 (TRUSTIX)
SUSE-SA:2006:028 (SUSE)
DSA-1103 (DEBIAN)
20914 (SECUNIA)
21614 (SECUNIA)
20398 (SECUNIA)
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.11 (CONFIRM)
MDKSA-2006:150 (MANDRIVA)
MDKSA-2006:151 (MANDRIVA)
RHBA-2007-0304 (REDHAT)
ADV-2006-1542 (VUPEN)
ADV-2006-2554 (VUPEN)
25068 (OSVDB)
kernel-cifs-directory-traversal(26141) (XF)
oval:org.mitre.oval:def:10383 (OVAL)
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=296034f7de8bdf111984ce1630ac598a9c94a253 (MISC)
CVE: CVE-2006-1864
Id:
CVE-2006-1864
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1864
Comment:
Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences, a similar vulnerability to CVE-2006-1863.
CVSSv2 Score:
4.6
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CWE:
CWE-Other ()
References:
19869 (SECUNIA)
20237 (SECUNIA)
20398 (SECUNIA)
20671 (SECUNIA)
20716 (SECUNIA)
20914 (SECUNIA)
21035 (SECUNIA)
21476 (SECUNIA)
21614 (SECUNIA)
21745 (SECUNIA)
22497 (SECUNIA)
22875 (SECUNIA)
23064 (SECUNIA)
http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm (CONFIRM)
http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm (CONFIRM)
DSA-1097 (DEBIAN)
DSA-1103 (DEBIAN)
MDKSA-2006:150 (MANDRIVA)
MDKSA-2006:151 (MANDRIVA)
SUSE-SA:2006:028 (SUSE)
25067 (OSVDB)
RHSA-2006:0493 (REDHAT)
RHSA-2006:0579 (REDHAT)
RHSA-2006:0580 (REDHAT)
RHSA-2006:0710 (REDHAT)
20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4 (BUGTRAQ)
20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2 (BUGTRAQ)
20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1 (BUGTRAQ)
20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2 (BUGTRAQ)
17735 (BID)
2006-0026 (TRUSTIX)
USN-302-1 (UBUNTU)
http://www.vmware.com/download/esx/esx-202-200610-patch.html (CONFIRM)
http://www.vmware.com/download/esx/esx-213-200610-patch.html (CONFIRM)
http://www.vmware.com/download/esx/esx-254-200610-patch.html (CONFIRM)
ADV-2006-2554 (VUPEN)
ADV-2006-4502 (VUPEN)
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189435 (CONFIRM)
kernel-smbfs-directory-traversal(26137) (XF)
oval:org.mitre.oval:def:11327 (OVAL)
CVE: CVE-2006-2071
Id:
CVE-2006-2071
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2071
Comment:
Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bugs.
CVSSv2 Score:
2.1
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
PARTIAL
Availability impact:
NONE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:N/I:P/A:N
CWE:
CWE-Other ()
References:
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6 (CONFIRM)
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190073 (CONFIRM)
20157 (SECUNIA)
USN-302-1 (UBUNTU)
20716 (SECUNIA)
25139 (OSVDB)
RHSA-2006:0579 (REDHAT)
RHSA-2006:0580 (REDHAT)
21035 (SECUNIA)
RHSA-2006:0689 (REDHAT)
22292 (SECUNIA)
RHSA-2006:0710 (REDHAT)
22497 (SECUNIA)
http://support.avaya.com/elmodocs2/security/ASA-2006-249.htm (CONFIRM)
22945 (SECUNIA)
http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm (CONFIRM)
http://www.vmware.com/download/esx/esx-202-200610-patch.html (CONFIRM)
http://www.vmware.com/download/esx/esx-213-200610-patch.html (CONFIRM)
http://www.vmware.com/download/esx/esx-254-200610-patch.html (CONFIRM)
22875 (SECUNIA)
23064 (SECUNIA)
MDKSA-2006:086 (MANDRIVA)
ADV-2006-1391 (VUPEN)
ADV-2006-4502 (VUPEN)
linux-mprotect-security-bypass(26169) (XF)
oval:org.mitre.oval:def:9978 (OVAL)
20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2 (BUGTRAQ)
20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1 (BUGTRAQ)
20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2 (BUGTRAQ)
20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4 (BUGTRAQ)
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b78b6af66a5fbaf17d7e6bfc32384df5e34408c8 ()
CVE: CVE-2006-2271
Id:
CVE-2006-2271
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2271
Comment:
The ECNE chunk handling in Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (kernel panic) via an unexpected chunk when the session is in CLOSED state.
CVSSv2 Score:
7.8
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CWE:
CWE-Other ()
References:
20060508 [MU-200605-01] Multiple vulnerabilities in Linux SCTP 2.6.16 (FULLDISC)
http://labs.musecurity.com/advisories/MU-200605-01.txt (MISC)
19990 (SECUNIA)
2006-0026 (TRUSTIX)
17910 (BID)
20157 (SECUNIA)
RHSA-2006:0493 (REDHAT)
20237 (SECUNIA)
25632 (OSVDB)
DSA-1097 (DEBIAN)
20671 (SECUNIA)
SUSE-SA:2006:028 (SUSE)
USN-302-1 (UBUNTU)
20716 (SECUNIA)
DSA-1103 (DEBIAN)
20914 (SECUNIA)
http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm (CONFIRM)
21745 (SECUNIA)
20398 (SECUNIA)
21476 (SECUNIA)
MDKSA-2006:086 (MANDRIVA)
ADV-2006-1734 (VUPEN)
ADV-2006-2554 (VUPEN)
linux-sctp-ecne-chunk-dos(26430) (XF)
oval:org.mitre.oval:def:10934 (OVAL)
http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=35d63edb1c807bc5317e49592260e84637bc432e ()
CVE: CVE-2006-2272
Id:
CVE-2006-2272
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2272
Comment:
Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (kernel panic) via incoming IP fragmented (1) COOKIE_ECHO and (2) HEARTBEAT SCTP control chunks.
CVSSv2 Score:
7.8
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CWE:
CWE-Other ()
References:
20060508 [MU-200605-01] Multiple vulnerabilities in Linux SCTP 2.6.16 (FULLDISC)
http://labs.musecurity.com/advisories/MU-200605-01.txt (MISC)
19990 (SECUNIA)
2006-0026 (TRUSTIX)
17910 (BID)
20157 (SECUNIA)
RHSA-2006:0493 (REDHAT)
20237 (SECUNIA)
25633 (OSVDB)
DSA-1097 (DEBIAN)
20671 (SECUNIA)
SUSE-SA:2006:028 (SUSE)
USN-302-1 (UBUNTU)
20716 (SECUNIA)
DSA-1103 (DEBIAN)
20914 (SECUNIA)
http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm (CONFIRM)
21745 (SECUNIA)
20398 (SECUNIA)
21476 (SECUNIA)
MDKSA-2006:086 (MANDRIVA)
ADV-2006-1734 (VUPEN)
ADV-2006-2554 (VUPEN)
linux-sctp-control-chunk-dos(26431) (XF)
oval:org.mitre.oval:def:11243 (OVAL)
http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=62b08083ec3dbfd7e533c8d230dd1d8191a6e813 ()
CVE: CVE-2006-2274
Id:
CVE-2006-2274
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2274
Comment:
Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (infinite recursion and crash) via a packet that contains two or more DATA fragments, which causes an skb pointer to refer back to itself when the full message is reassembled, leading to infinite recursion in the sctp_skb_pull function.
CVSSv2 Score:
5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE:
CWE-Other ()
References:
2006-0026 (TRUSTIX)
17955 (BID)
RHSA-2006:0493 (REDHAT)
20237 (SECUNIA)
DSA-1097 (DEBIAN)
20671 (SECUNIA)
SUSE-SA:2006:028 (SUSE)
USN-302-1 (UBUNTU)
20716 (SECUNIA)
DSA-1103 (DEBIAN)
20914 (SECUNIA)
21045 (SECUNIA)
http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm (CONFIRM)
21745 (SECUNIA)
20398 (SECUNIA)
25746 (OSVDB)
21476 (SECUNIA)
MDKSA-2006:123 (MANDRIVA)
MDKSA-2006:150 (MANDRIVA)
ADV-2006-2554 (VUPEN)
linux-sctp-skb-pull-dos(26432) (XF)
oval:org.mitre.oval:def:9531 (OVAL)
http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=672e7cca17ed6036a1756ed34cf20dbd72d5e5f6 ()
CVE: CVE-2006-2275
Id:
CVE-2006-2275
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2275
Comment:
Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (deadlock) via a large number of small messages to a receiver application that cannot process the messages quickly enough, which leads to "spillover of the receive buffer."
CVSSv2 Score:
5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3 Score:
7.5
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE:
667 (Improper Locking)
References:
2006-0026 (TRUSTIX)
17955 (BID)
USN-302-1 (UBUNTU)
20716 (SECUNIA)
RHSA-2006:0575 (REDHAT)
21465 (SECUNIA)
http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm (CONFIRM)
22417 (SECUNIA)
linux-sctp-receive-dos(26433) (XF)
oval:org.mitre.oval:def:11295 (OVAL)
http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7c3ceb4fb9667f34f1599a062efecf4cdc4a4ce5 ()
CVE: CVE-2006-2444
Id:
CVE-2006-2444
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2444
Comment:
The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees of random memory or (2) frees of previously-freed memory (double-free) by snmp_trap_decode as well as its calling function, as demonstrated via certain test cases of the PROTOS SNMP test suite.
CVSSv2 Score:
7.8
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CWE:
CWE-Other ()
References:
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.18 (CONFIRM)
20225 (SECUNIA)
18081 (BID)
20182 (SECUNIA)
1016153 (SECTRACK)
VU#681569 (CERT-VN)
USN-302-1 (UBUNTU)
20716 (SECUNIA)
RHSA-2006:0580 (REDHAT)
21035 (SECUNIA)
RHSA-2006:0437 (REDHAT)
21136 (SECUNIA)
SUSE-SA:2006:042 (SUSE)
21179 (SECUNIA)
SUSE-SA:2006:047 (SUSE)
RHSA-2006:0617 (REDHAT)
21605 (SECUNIA)
http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm (CONFIRM)
21983 (SECUNIA)
DSA-1183 (DEBIAN)
DSA-1184 (DEBIAN)
22082 (SECUNIA)
22093 (SECUNIA)
http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm (CONFIRM)
22174 (SECUNIA)
SUSE-SA:2006:064 (SUSE)
25750 (OSVDB)
22822 (SECUNIA)
21498 (SECUNIA)
MDKSA-2006:087 (MANDRIVA)
ADV-2006-1916 (VUPEN)
linux-snmp-nathelper-dos(26594) (XF)
oval:org.mitre.oval:def:11318 (OVAL)
http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git%3Ba=commit%3Bh=1db6b5a66e93ff125ab871d6b3f7363412cc87e8 (MISC)