Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-312
HistoryJun 09, 2003 - 12:00 a.m.

kernel-patch-2.4.18-powerpc - several vulnerabilities

2003-06-0900:00:00
Google
osv.dev
28

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

A number of vulnerabilities have been discovered in the Linux kernel.

CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for
Linux kernels 2.4.18 and earlier on x86 systems allow local users to
kill arbitrary processes via a binary compatibility interface
(lcall).

CAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device
drivers do not pad frames with null bytes, which allows remote
attackers to obtain information from previous packets or kernel
memory by using malformed packets.

CAN-2003-0127: The kernel module loader allows local users to gain
root privileges by using ptrace to attach to a child process that is
spawned by the kernel.

CAN-2003-0244: The route cache implementation in Linux 2.4, and the
Netfilter IP conntrack module, allows remote attackers to cause a
denial of service (CPU consumption) via packets with forged source
addresses that cause a large number of hash table collisions related
to the PREROUTING chain.

CAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and
earlier does not properly restrict privileges, which allows local
users to gain read or write access to certain I/O ports.

CAN-2003-0247: Vulnerability in the TTY layer of the Linux kernel
2.4 allows attackers to cause a denial of service (“kernel oops”).

CAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers
to modify CPU state registers via a malformed address.

CAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux
kernel 2.4 allows remote attackers to cause a denial of service (CPU
consumption) via certain packets that cause a large number of hash
table collisions.

This advisory covers only the powerpc architecture. Other
architectures will be covered by separate advisories.

For the stable distribution (woody) on the powerpc architecture, these
problems have been fixed in version 2.4.18-1woody1.

For the unstable distribution (sid) these problems are fixed in
version 2.4.20-2.

We recommend that you update your kernel packages.

NOTE: A system reboot will be required immediately after the upgrade
in order to replace the running kernel. Remember to read carefully
and follow the instructions given during the kernel upgrade process.

Related

openvas 22
debian 15
nessus 29
osv 8
securityvulns 8
redhat 5
f5 2
cert 2
cve 12
suse 1
ubuntucve 5
saint 4
slackware 1
exploitpack 3
seebug 4
packetstorm 2
exploitdb 3
paloalto 1
prion 4
oracle 1
openvas
openvas
Debian Security Advisory DSA 311-1 (kernel)
2008-01-17 00:00:00
Debian Security Advisory DSA 332-1 (kernel-source-2.4.17, kernel-patch-2.4.17-mips)
2008-01-17 00:00:00
Debian Security Advisory DSA 312-1 (kernel-patch-2.4.18-powerpc)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA-312-1] New powerpc kernel fixes several vulnerabilities
2003-06-10 03:42:32
[SECURITY] [DSA-332-1] New Linux 2.4.17 source code and MIPS kernel images fix several vulnerabilities
2003-06-29 01:44:01
[SECURITY] [DSA-311-1] New kernel packages fix several vulnerabilities
2003-06-09 01:26:02
nessus
nessus
Debian DSA-332-1 : linux-kernel-2.4.17 - several vulnerabilities
2004-09-29 00:00:00
Debian DSA-312-1 : kernel-patch-2.4.18-powerpc - several vulnerabilities
2004-09-29 00:00:00
Debian DSA-311-1 : linux-kernel-2.4.18 - several vulnerabilities
2004-09-29 00:00:00
osv
osv
linux-kernel-2.4.17 - several vulnerabilities
2003-06-27 00:00:00
linux-kernel-2.4.18 - several vulnerabilities
2003-06-08 00:00:00
linux-kernel-2.2.20 - several vulnerabilities
2003-06-29 00:00:00
securityvulns
securityvulns
MDKSA-2003:066 - Updated kernel packages fix multiple vulnerabilities
2003-06-21 00:00:00
[RHSA-2003:172-00] Updated 2.4 kernel fixes security vulnerabilities and various bugs
2003-05-15 00:00:00
[ESA-20030318-009] Several 'kernel' vulnerabilities
2003-03-19 00:00:00
redhat
redhat
(RHSA-2003:195) kernel security update
2003-06-19 00:00:00
(RHSA-2003:147) kernel security update
2003-05-29 00:00:00
(RHSA-2003:145) Updated kernel fixes security vulnerabilities and updates drivers
2003-05-27 00:00:00
f5
f5
SOL2591 - Linux kernel vulnerabilities - CAN-2003-0244, CAN-2003-0246
2007-05-16 00:00:00
Linux kernel vulnerabilities CAN-2003-0244 and CAN-2003-0246
2007-05-17 04:00:00
cert
cert
ptrace contains vulnerability allowing for local root compromise
2004-04-16 00:00:00
Network device drivers reuse old frame buffer data to pad packets
2003-01-06 00:00:00
cve
cve
CVE-2003-0246
2003-06-16 04:00:00
CVE-2003-0364
2003-06-16 04:00:00
CVE-2003-0248
2003-06-16 04:00:00
suse
suse
local privilege escalation in kernel
2003-03-25 17:27:05
ubuntucve
ubuntucve
CVE-2003-0246
2003-06-16 00:00:00
CVE-2003-0127
2003-03-31 00:00:00
CVE-2003-0244
2003-05-27 00:00:00
saint
saint
Linux kernel ptrace privilege elevation vulnerability
2007-06-27 00:00:00
Linux kernel ptrace privilege elevation vulnerability
2007-06-27 00:00:00
Linux kernel ptrace privilege elevation vulnerability
2007-06-27 00:00:00
slackware
slackware
2.4.21 kernels available
2003-06-17 22:01:21
exploitpack
exploitpack
Cisco ASA 8.4.4.6 8.2.5.32 - Ethernet Information Leak
2013-06-10 00:00:00
Ethernet Device Drivers Frame Padding - Etherleak Infomation Leakage
2007-03-23 00:00:00
Linux Kernel 2.0.x2.2.x2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure
2007-03-23 00:00:00
seebug
seebug
Linux Kernel 2.0.x/2.2.x/2.4.x,FreeBSD 4.x Network Device Driver Frame Padding Information Disclosure
2014-07-01 00:00:00
Cisco ASA < 8.4.4.6 & 8.2.5.32 - Ethernet Information Leak
2014-07-01 00:00:00
Ethernet Device Drivers Frame Padding - Info Leakage Exploit (Etherleak)
2014-07-01 00:00:00
packetstorm
packetstorm
Cisco ASA Ethernet Information Leak
2013-06-10 00:00:00
etherleak.txt
2007-03-24 00:00:00
exploitdb
exploitdb
Ethernet Device Drivers Frame Padding - &#039;Etherleak&#039; Infomation Leakage
2007-03-23 00:00:00
Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure
2007-03-23 00:00:00
Cisco ASA &lt; 8.4.4.6 &lt; 8.2.5.32 - Ethernet Information Leak
2013-06-10 00:00:00
paloalto
paloalto
PAN-OS: Information exposure in Ethernet data frame construction (Etherleak)
2021-01-13 17:00:00
prion
prion
Sql injection
2013-07-11 14:55:00
Design/Logic Flaw
2018-01-10 22:29:00
Information disclosure
2021-01-13 18:15:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2015
2015-03-10 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON
Related for OSV:DSA-312
openvas22debian15nessus29osv8securityvulns8redhat5f52cert2cve12suse1ubuntucve5saint4slackware1exploitpack3seebug4packetstorm2exploitdb3paloalto1prion4oracle1