Oracle Linux 5 : ELSA-2014-0433-1: / kernel (ELSA-2014-04331)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-04331 advisory. - Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device HID subsystem in the Linux kernel through 3.11 allow physically...

K15304: Linux kernel tcp_rcv_state_process vulnerability CVE-2012-6638

Security Advisory Description The tcprcvstateprocess function in net/ipv4/tcpinput.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service kernel resource consumption via a flood of SYN+FIN TCP packets. CVE-2012-6638 Impact Remote attackers may be able to cause a...

SUSE CVE-2012-2663

extensions/libxttcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant...

SUSE CVE-2012-6638

The tcprcvstateprocess function in net/ipv4/tcpinput.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service kernel resource consumption via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663...

Packet Sanity (CVE-1999-0193; CVE-1999-0675; CVE-2000-0221; CVE-2002-1071; CVE-2003-1029; CVE-2004-0247; CVE-2004-1109; CVE-2007-1804; CVE-2007-3026; CVE-2008-7127; CVE-2010-1185; CVE-2011-0975; CVE-2012-6638; CVE-2014-3000)

...

Oracle: Security Advisory (ELSA-2014-0433)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 5 : kernel (RHSA-2014:0772)

Updated kernel packages that fix three security issues and two bugs are now available for Red Hat Enterprise Linux 5.9 Extended Update Support. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which...

RedHat Update for kernel RHSA-2014:0433-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 5 : kernel (ELSA-2014-0433-1)

From Red Hat Security Advisory 2014:0433 : Updated kernel packages that fix two security issues, three bugs, and add one enhancement are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20140424)

A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled TCP packets with both the SYN and FIN flags set. A remote attacker could use this flaw to consume an excessive amount of resources on the target system, potentially resulting in a denial of service...

Linux Kernel 'tcp_rcv_state_process()'函数拒绝服务漏洞

BUGTRAQ ID: 65654 CVECAN ID: CVE-2012-6638 Linux Kernel是Linux操作系统的内核。 Linux kernel 3.2.24之前版本net/ipv4/tcpinput.c内的tcprcvstateprocess函数在处理大量的SYN+FIN TCP数据包时，存在越界访问错误，远程攻击者可利用此漏洞造成拒绝服务。 0 Linux kernel 3.2.24 厂商补丁： Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.kernel.org/...

CVE-2012-6638

The tcprcvstateprocess function in net/ipv4/tcpinput.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service kernel resource consumption via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663...

CVE-2012-6638

The tcprcvstateprocess function in net/ipv4/tcpinput.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service kernel resource consumption via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663...

CVE-2012-2663

extensions/libxttcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant...

BELL-CVE-2012-6638 CVE-2012-6638 does not affect BellSoft software

Bulletin has no description...

CVE-2012-6638

CVE-2012-6638 (Linux kernel) affects the tcp_rcv_state_process in net/ipv4/tcp_input.c and can cause a DoS due to a flood of SYN+FIN packets. The vulnerability exists in kernels before 3.2.24 and is fixed in the 3.2.24 update (per ChangeLog-3.2.24). Exploitation is described as remote and results...

CVE-2012-6638

The tcprcvstateprocess function in net/ipv4/tcpinput.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service kernel resource consumption via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663...

UBUNTU-CVE-2012-6638

The tcprcvstateprocess function in net/ipv4/tcpinput.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service kernel resource consumption via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663...