Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
LinuxLinux Kernel2.4.5

73 matches found

CVE
CVEadded 2005/06/28 4:0 a.m.51 views

CVE-2002-1976

ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mode if it was put in promiscuous mode using PACKET_MR_PROMISC, which could allow attackers to sniff the network without detection, as demonstrated using libpcap.

2.1CVSS6.5AI score0.00075EPSS
CVE
CVEadded 2005/04/05 4:0 a.m.51 views

CVE-2005-0749

The load_elf_library in the Linux kernel before 2.6.11.6 allows local users to cause a denial of service (kernel crash) via a crafted ELF library or executable, which causes a free of an invalid pointer.

7.2CVSS5AI score0.00043EPSS
CVE
CVEadded 2009/10/19 8:0 p.m.51 views

CVE-2005-4881

The netlink subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.13-rc1 does not initialize certain padding fields in structures, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors, related to the (1) tc_fill_qdisc, (2) tcf_f...

4.9CVSS6.5AI score0.00073EPSS
CVE
CVEadded 2007/10/09 10:0 a.m.50 views

CVE-2004-2731

Multiple integer overflows in Sbus PROM driver (drivers/sbus/char/openprom.c) for the Linux kernel 2.4.x up to 2.4.27, 2.6.x up to 2.6.7, and possibly later versions, allow local users to execute arbitrary code by specifying (1) a small buffer size to the copyin_string function or (2) a negative bu...

4.4CVSS7.3AI score0.00127EPSS
CVE
CVEadded 2006/01/06 11:3 a.m.50 views

CVE-2006-0096

wan/sdla.c in Linux kernel 2.6.x before 2.6.11 and 2.4.x before 2.4.29 does not require the CAP_SYS_RAWIO privilege for an SDLA firmware upgrade, with unknown impact and local attack vectors. NOTE: further investigation suggests that this issue requires root privileges to exploit, since it is prote...

7.2CVSS5.1AI score0.00053EPSS
CVE
CVEadded 2006/03/15 5:6 p.m.50 views

CVE-2006-1242

The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which bypasses intended protections against such attacks...

5CVSS7.3AI score0.0304EPSS
CVE
CVEadded 2006/01/23 10:0 p.m.49 views

CVE-2002-1571

The linux 2.4 kernel before 2.4.19 assumes that the fninit instruction clears all registers, which could lead to an information leak on processors that do not clear all relevant SSE registers.

2.1CVSS6.1AI score0.00075EPSS
CVE
CVEadded 2004/08/06 4:0 a.m.49 views

CVE-2004-0658

Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) driver 2.4 and 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via the functions (1) raw1394_write, (2) state_connected, (3) handle_...

7.2CVSS7.9AI score0.00067EPSS
CVE
CVEadded 2002/05/03 4:0 a.m.48 views

CVE-2001-1244

Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network tra...

5CVSS7.1AI score0.08688EPSS
CVE
CVEadded 2006/01/27 10:0 p.m.48 views

CVE-2002-1573

Unspecified vulnerability in the pcilynx ieee1394 firewire driver (pcilynx.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors, related to "wrap handling."

10CVSS6.4AI score0.00437EPSS
CVE
CVEadded 2005/04/14 4:0 a.m.47 views

CVE-2004-0812

Unknown vulnerability in the Linux kernel before 2.4.23, on the AMD AMD64 and Intel EM64T architectures, associated with "setting up TSS limits," allows local users to cause a denial of service (crash) and possibly execute arbitrary code.

2.1CVSS7AI score0.00072EPSS
CVE
CVEadded 2006/05/31 10:0 a.m.47 views

CVE-2004-0997

Unspecified vulnerability in the ptrace MIPS assembly code in Linux kernel 2.4 before 2.4.17 allows local users to gain privileges via unknown vectors.

4.6CVSS6.1AI score0.00067EPSS
CVE
CVEadded 2005/05/11 4:0 a.m.47 views

CVE-2005-1263

The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4 allows local users to execute arbitrary code via an ELF binary that, in certain conditions involving the create_elf_tables function, causes a negative length argument to pa...

7.2CVSS5.8AI score0.00058EPSS
CVE
CVEadded 2006/01/27 10:0 p.m.46 views

CVE-2002-1572

Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors.

10CVSS6.7AI score0.00437EPSS
CVE
CVEadded 2004/09/01 4:0 a.m.46 views

CVE-2002-1574

Buffer overflow in the ixj telephony card driver in Linux before 2.4.20 has unknown impact and attack vectors.

4.6CVSS6.8AI score0.00139EPSS
CVE
CVEadded 2005/03/07 5:0 a.m.45 views

CVE-2005-0179

Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of service (CPU and memory consumption) and bypass RLIM_MEMLOCK limits via the mlockall call.

2.1CVSS5.2AI score0.00067EPSS
CVE
CVEadded 2005/10/25 6:2 p.m.45 views

CVE-2005-2708

The search_binary_handler function in exec.c in Linux 2.4 kernel on 64-bit x86 architectures does not check a return code for a particular function call when virtual memory is low, which allows local users to cause a denial of service (panic), as demonstrated by running a process using the bash uli...

2.1CVSS6.2AI score0.00097EPSS
CVE
CVEadded 2002/08/12 4:0 a.m.44 views

CVE-2002-0499

The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and earlier, truncates long pathnames without generating an error, which could allow local users to force programs to perform inappropriate operations on the wrong directories.

2.1CVSS6.6AI score0.00461EPSS
CVE
CVEadded 2002/07/03 4:0 a.m.44 views

CVE-2002-0570

The encrypted loop device in Linux kernel 2.4.10 and earlier does not authenticate the entity that is encrypting data, which allows local users to modify encrypted data without knowing the key.

2.1CVSS6.5AI score0.00118EPSS
CVE
CVEadded 2005/05/02 4:0 a.m.42 views

CVE-2005-0207

Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.

2.1CVSS6.2AI score0.00078EPSS
CVE
CVEadded 2005/06/01 4:0 a.m.40 views

CVE-2004-2135

cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.

2.1CVSS6.9AI score0.00456EPSS
CVE
CVEadded 2004/09/01 4:0 a.m.38 views

CVE-2002-1319

The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear TF and NT EFLAGs.

2.1CVSS6.2AI score0.00063EPSS
CVE
CVEadded 2005/06/28 4:0 a.m.38 views

CVE-2002-1963

Linux kernel 2.4.1 through 2.4.19 sets root's NR_RESERVED_FILES limit to 10 files, which allows local users to cause a denial of service (resource exhaustion) by opening 10 setuid binaries.

2.1CVSS6.5AI score0.0006EPSS
Total number of security vulnerabilities73