6 matches found
CVE-2016-5285
CVE-2016-5285 is a NULL pointer dereference in Mozilla NSS caused by a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime. The vulnerability can allow a remote attacker to crash a TLS/SSL server (Denial of Service). Affected context in the provided documents includes NS...
CVE-2008-2812
CVE-2008-2812 affects the Linux kernel prior to 2.6.25.10, with NULL pointer dereferences in tty handling (notably in drivers/net/ such as hamradio, irda, ppp, slip, wan, and wireless components) potentially enabling local privilege escalation or a system crash. The issue arises from missing chec...
CVE-2009-0115
CVE-2009-0115 affects the device-mapper-multipath tool (multipath-tools) version 0.4.8 used in multiple Linux distributions (SUSE openSUSE, SLES, Fedora, etc.). The underlying issue is world-writable permissions on the socket file /var/run/multipathd.sock, which allows a local user to send arbitr...
CVE-2001-1494
CVE-2001-1494 affects util-linux (and mount) prior to versions updated in RHSA-2005:782. The issue is a hardlink-based flaw in the script command: a local attacker can create a hardlink named typescript in a writable directory, and when the script command is run by root, the attacker’s file can b...
CVE-2006-1058
CVE-2006-1058 affects BusyBox 1.1.1, where the passwd generation did not use a salt, enabling local password guessing from a stolen password file. The issue is addressed by security advisories and patches in multiple distributions (RHSA-2007:0244; CESA-2007:0244; ELSA-2007-0244; RHSA). Affected p...
CVE-2007-5830
This CVE (CVE-2007-5830) affects Avaya Messaging Storage Server (MSS) 3.1 before SP1 and Message Networking (MN) 3.1. A vulnerability in the administrative interface allows remote denial-of-service via input validation issues. The NVD entry provides a CVSSv2 base score of 7.8 (HIGH) with network ...