1048 matches found
Ubuntu 10.04 LTS : linux-lts-backport-maverick vulnerabilities (USN-1205-1)
It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...
USN-1205-1: Linux kernel (Maverick backport) vulnerabilities
It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...
USN-1203-1: Linux kernel (Marvel DOVE) vulnerabilities
Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 Alex Shi and Eric Dumazet discovered that the network stack...
USN-1201-1: Linux kernel vulnerabilities
It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...
kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace
The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to 1 the l2capsockgetsockoptold function in...
Wireshark 1.4.9 & Wireshark 1.6.2 updated version released
Wireshark 1.4.9 & Wireshark 1.6.2 updated version released Wireshark is the world's most popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education. The following bugs have been fixed: configure ignores partially LDFLAGS. Bug 5607 Build fails when it...
Integer overflow
Integer underflow in the l2capconfigreq function in net/bluetooth/l2capcore.c in the Linux kernel before 3.0 allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact via a small command-size value within the command header of a Logical...
CVE-2011-2497
Integer underflow in the l2capconfigreq function in net/bluetooth/l2capcore.c in the Linux kernel before 3.0 allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact via a small command-size value within the command header of a Logical...
UBUNTU-CVE-2011-2497
Integer underflow in the l2capconfigreq function in net/bluetooth/l2capcore.c in the Linux kernel before 3.0 allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact via a small command-size value within the command header of a Logical...
Ubuntu Update for linux USN-1189-1
Ubuntu Update for Linux kernel vulnerabilities USN-1189-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11891.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux USN-1189-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...
PT-2011-3903 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.0 Description: The issue is caused by an integer underflow in the l2cap config req function, which can lead to a denial of service due to heap memory corruption or possibly have other unspecified impacts. This...
Ubuntu 8.04 LTS : linux vulnerabilities (USN-1189-1)
It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...
kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace
The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to 1 the l2capsockgetsockoptold function in...
kernel: bluetooth: potential bad memory access with sysfs files
Linux kernel 2.6.18 through 2.6.33, and possibly other versions, allows remote attackers to cause a denial of service memory corruption via a large number of Bluetooth sockets, related to the size of sysfs files in 1 net/bluetooth/l2cap.c, 2 net/bluetooth/rfcomm/core.c, 3...
kernel: bluetooth: potential bad memory access with sysfs files
Linux kernel 2.6.18 through 2.6.33, and possibly other versions, allows remote attackers to cause a denial of service memory corruption via a large number of Bluetooth sockets, related to the size of sysfs files in 1 net/bluetooth/l2cap.c, 2 net/bluetooth/rfcomm/core.c, 3...
Wireshark: various flaws in a) RADIUS, b) Bluetooth L2CAP, c) MIOP dissectors (DoS)
Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service application crash via a file that records a malformed packet trace and is processed by the 1 Bluetooth L2CAP, 2 RADIUS, or 3 MIOP dissector. NOTE: it was later reported that the RADIUS issu...
CVE-2010-1084
Linux kernel 2.6.18 through 2.6.33, and possibly other versions, allows remote attackers to cause a denial of service memory corruption via a large number of Bluetooth sockets, related to the size of sysfs files in 1 net/bluetooth/l2cap.c, 2 net/bluetooth/rfcomm/core.c, 3...
GLSA-200911-05 : Wireshark: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200911-05 Wireshark: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Wireshark: Ryan Giobbi reported an integer overflow in wiretap/erf.c CVE-2009-3829. The vendor reported multiple unspecified...
GLSA-200909-16 : Wireshark: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200909-16 Wireshark: Denial of Service Multiple vulnerabilities were discovered in Wireshark: A buffer overflow in the IPMI dissector related to an array index error CVE-2009-2559. Multiple unspecified vulnerabilities in the...
Wireshark 1.2.0多个安全漏洞
Bugraq ID: 35748 Wireshark是一款开放源代码的协议处理程序。 Wireshark存在多个安全问题,远程攻击者可以利用漏洞使应用程序崩溃。 -IPMI解析器存在数组索引错误,发送特殊构建的网络报文可导致应用程序崩溃。 -蓝牙L2CAP, RADIUS, MIOP和sFlow解析器存在错误,通过发送特殊构建的网络报文可导致应用程序崩溃或挂起。 -AFS解析器存在错误可导致应用程序崩溃。 -Infiniband解析器存在错误,发送特殊构建的网络报文可导致部分平台上的应用程序崩溃。 Wireshark Wireshark 1.2 Wireshark Wireshark...