75 matches found
Linux Kernel ext4_fill_flex_info函数拒绝服务漏洞
CVE ID: CVE-2009-4307 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的ext4子系统fs/ext4/super.c文件中的ext4fillflexinfo函数中存在拒绝服务漏洞。如果用户所加载的 ext4文件系统中的超级块带有超大的FLEXBG组大小(也称为sloggroupsperflex值),groupsperflex就会溢出,导致0除数错误,系统可能会崩溃。 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
BELL-CVE-2009-4307 CVE-2009-4307 does not affect BellSoft software
Bulletin has no description...
CVE-2009-4307
The CVE-2009-4307 issue affects the Linux kernel ext4 subsystem: the ext4_fill_flex_info function in fs/ext4/super.c allows a remote attacker to trigger a divide-by-zero and panic when a malformed ext4 super block has a large FLEX_BG group size (s_log_groups_per_flex). Impact is denial of service...
Solaris Update for /usr/sbin/format 113072-08
Check for the Version of /usr/sbin/format OpenVAS Vulnerability Test Solaris Update for /usr/sbin/format 113072-08 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Solaris Update for format 114423-07
Check for the Version of format OpenVAS Vulnerability Test Solaris Update for format 114423-07 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...
CentOS Security Advisory CESA-2009:0473 (kernel)
The remote host is missing updates to kernel announced in advisory CESA-2009:0473. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...
[SECURITY] [DSA 1794-1] New Linux 2.6.18 packages fix several vulnerabilities
---------------------------------------------------------------------- Debian Security Advisory DSA-1794-1 [email protected] http://www.debian.org/security/ dann frazier May 6, 2009 http://www.debian.org/security/faq - ----------------------------------------------------------------------...
CentOS Security Advisory CESA-2009:0459 (kernel)
The remote host is missing updates to kernel announced in advisory CESA-2009:0459. CESA-2009:0459 63946 2 $Id: ovcesa20090459.nasl 6650 2017-07-10 11:43:12Z cfischer $ Description: Auto-generated from advisory CESA-2009:0459 kernel Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
RedHat Security Advisory RHSA-2009:0451
The remote host is missing updates announced in advisory RHSA-2009:0451. The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. These updated packages fix the following security issues: a logic error was found in the dosetlk function of the Linux kernel Network...
CentOS Security Advisory CESA-2009:0459 (kernel)
The remote host is missing updates to kernel announced in advisory CESA-2009:0459. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...
Debian: Security Advisory (DSA-1787-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2008-4307
Race condition in the dosetlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service crash via vectors resulting in an interrupted RPC call that leads to a stray FLPOSIX lock, related to improper handling of a race between fcntl and close in th...
CVE-2008-4307
CVE-2008-4307 is a Linux kernel local-denial-of-service issue caused by a race in do_setlk (fs/nfs/file.c) where improper handling of a race between fcntl and close in the EINTR path can crash the kernel and leave a stray FL_POSIX lock. Affected product: Linux kernel versions before 2.6.26. The v...
CVE-2007-4307
Storesprite 7 and earlier suffer multiple XSS vulnerabilities that allow remote attackers to inject arbitrary web script or HTML via the next parameter to addaddress.php, editshipdetails.php, register.php, or login.php in the secure/ path. The affected component is the web application Storesprite...
CVE-2006-4307
CVE-2006-4307 affects Sun Solaris 8 and 9 (before 2006-08-21) via the format command. The vulnerability allows local users with appropriate profile (e.g., ones permitting running format with elevated privileges) to modify arbitrary files through unspecified vectors. The description does not speci...