DEBIAN-CVE-2011-2189

net/core/netnamespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service memory consumption via requests to a daemon that requires a separate namespace...

CVE-2011-2189

net/core/netnamespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service memory consumption via requests to a daemon that requires a separate namespace...

CVE-2011-2189

net/core/netnamespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service memory consumption via requests to a daemon that requires a separate namespace...

Moderate: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

UBUNTU-CVE-2011-0149

WebKit, as used in Apple iTunes before 10.2 on Windows, does not properly parse HTML elements associated with document namespaces, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via vectors related to a...

CVE-2011-0149

WebKit, as used in Apple iTunes before 10.2 on Windows, does not properly parse HTML elements associated with document namespaces, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via vectors related to a...

CVE-2010-0006

The ipv6hopjumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.32.4, when network namespaces are enabled, allows remote attackers to cause a denial of service NULL pointer dereference via an invalid IPv6 jumbogram, a related issue to CVE-2007-4567...

Null pointer dereference

The ipv6hopjumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.32.4, when network namespaces are enabled, allows remote attackers to cause a denial of service NULL pointer dereference via an invalid IPv6 jumbogram, a related issue to CVE-2007-4567...

CVE-2010-0006

CVE-2010-0006 maps to a Linux kernel IPv6 extension header issue: the ipv6_hop_jumbo check in net/ipv6/exthdrs.c can dereference NULL when processing an invalid IPv6 jumbogram, causing remote denial of service. The affected line set is in kernels before 2.6.32.4, with network namespaces enabled. ...

CVE-2010-0006

The ipv6hopjumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.32.4, when network namespaces are enabled, allows remote attackers to cause a denial of service NULL pointer dereference via an invalid IPv6 jumbogram, a related issue to CVE-2007-4567...

[SECURITY] Fedora 11 Update: xerces-c27-2.7.0-8.fc11

Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and wri te XML data. A shared library is provided for parsing, generating, manipulatin g, and validating XML documents. Xerces-C is faithful to the XML 1.0...

[SECURITY] Fedora 10 Update: xerces-c-2.8.0-5.fc10

Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. Xerces-C is faithful to the XML 1.0...

USN-793-1: Linux kernel vulnerabilities

Igor Zhbanov discovered that NFS clients were able to create device nodes even when rootsquash was enabled. An authenticated remote attacker could create device nodes with open permissions, leading to a loss of privacy or escalation of privileges. Only Ubuntu 8.10 and 9.04 were affected...

CVE-2009-1338

The killsomethinginfo function in kernel/signal.c in the Linux kernel before 2.6.28 does not consider PID namespaces when processing signals directed to PID -1, which allows local users to bypass the intended namespace isolation, and send arbitrary signals to all processes in all namespaces, via ...

CVE-2009-1338

The CVE-2009-1338 issue is confirmed in the Linux kernel prior to 2.6.28, where the kill_something_info() function in kernel/signal.c did not respect PID namespaces when handling signals directed to PID -1. This allowed a local attacker to bypass namespace isolation and send signals to processes ...

security flaw

Stack-based buffer overflow in the browsegetnamespace function in imap/browse.c of Mutt 1.4.2.1 and earlier allows remote attackers to cause a denial of service crash or execute arbitrary code via long namespaces received from the IMAP server...

security flaw

Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as...

CVE-2005-2269

Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as...

XHTML node spoofing — Mozilla

Parts of the browser UI relied too much on DOM node names without taking different namespaces into account and verifying that nodes really were of the expected type. An XHTML document could be used to create fake elements, for example, with content-defined properties that the browser would access...

PT-2010-5679 · Linux +1 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: SUSE Linux Enterprise versions prior to 2.6.35.2 openSUSE affected versions not specified Description: The issue involves multiple vulnerabilities in the Linux kernel and related packages, which can be exploited to compromise the...