National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:linux:linux_kernel:2.6.3:rc4
There are 2,526 matching records.
Displaying matches 2341 through 2360.
Vuln ID Summary CVSS Severity
CVE-2007-2172

A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, IPv4) functions.

Published: April 22, 2007; 03:19:00 PM -04:00
    V2: 4.7 MEDIUM
CVE-2007-1945

Unspecified vulnerability in the Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) before 6.1.0.7 has unknown impact and attack vectors.

Published: April 10, 2007; 09:19:00 PM -04:00
    V2: 7.5 HIGH
CVE-2007-1357

The atalk_sum_skb function in AppleTalk for Linux kernel 2.6.x before 2.6.21, and possibly 2.4.x, allows remote attackers to cause a denial of service (crash) via an AppleTalk frame that is shorter than the specified length, which triggers a BUG_ON call when an attempt is made to perform a checksum.

Published: April 10, 2007; 08:19:00 PM -04:00
    V2: 7.8 HIGH
CVE-2007-1913

The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to verify the existence of users and groups on systems and domains via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

Published: April 10, 2007; 07:19:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2007-1915

Buffer overflow in the RFC_START_PROGRAM function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

Published: April 10, 2007; 07:19:00 PM -04:00
    V2: 7.5 HIGH
CVE-2007-1916

Buffer overflow in the RFC_START_GUI function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

Published: April 10, 2007; 07:19:00 PM -04:00
    V2: 10.0 HIGH
CVE-2007-1917

Buffer overflow in the SYSTEM_CREATE_INSTANCE function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

Published: April 10, 2007; 07:19:00 PM -04:00
    V2: 10.0 HIGH
CVE-2007-1918

The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 and 7.00 before 20070109 implements an option for exclusive access to an RFC server, which allows remote attackers to cause a denial of service (client lockout) via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

Published: April 10, 2007; 07:19:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2007-1884

Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via (1) certain negative argument numbers that arise in the php_formatted_print function because of 64 to 32 bit truncation, and bypass a check for the maximum allowable value; and (2) a width and precision of -1, which make it possible for the php_sprintf_appendstring function to place an internal buffer at an arbitrary memory location.

Published: April 05, 2007; 09:19:00 PM -04:00
    V2: 6.8 MEDIUM
CVE-2007-1727

Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, 7.50, and 7.51 allows remote authenticated users to access certain privileged "facilities" via unspecified vectors.

Published: March 28, 2007; 06:19:00 AM -04:00
    V2: 6.5 MEDIUM
CVE-2007-1592

net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket.

Published: March 22, 2007; 03:19:00 PM -04:00
    V2: 4.9 MEDIUM
CVE-2007-1589

TrueCrypt before 4.3, when set-euid mode is used on Linux, allows local users to cause a denial of service (filesystem unavailability) by dismounting a volume mounted by a different user.

Published: March 21, 2007; 07:19:00 PM -04:00
    V2: 2.1 LOW
CVE-2007-0653

Integer overflow in X MultiMedia System (xmms) 1.2.10, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which triggers memory corruption.

Published: March 21, 2007; 06:19:00 PM -04:00
    V2: 9.3 HIGH
CVE-2006-7164

SimpleFileServlet in IBM WebSphere Application Server 5.0.1 through 5.0.2.7 on Linux and UNIX does not block certain invalid URIs and does not issue a security challenge, which allows remote attackers to read secure files and obtain sensitive information via certain requests.

Published: March 20, 2007; 06:19:00 AM -04:00
    V2: 4.3 MEDIUM
CVE-2007-1496

nfnetlink_log in netfilter in the Linux kernel before 2.6.20.3 allows attackers to cause a denial of service (crash) via unspecified vectors involving the (1) nfulnl_recv_config function, (2) using "multiple packets per netlink message", and (3) bridged packets, which trigger a NULL pointer dereference.

Published: March 16, 2007; 06:19:00 PM -04:00
    V2: 4.9 MEDIUM
CVE-2007-1497

nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments.

Published: March 16, 2007; 06:19:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2007-1000

The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference.

Published: March 12, 2007; 07:19:00 PM -04:00
    V2: 7.2 HIGH
CVE-2007-1398

The frag3 preprocessor in Snort 2.6.1.1, 2.6.1.2, and 2.7.0 beta, when configured for inline use on Linux without the ip_conntrack module loaded, allows remote attackers to cause a denial of service (segmentation fault and application crash) via certain UDP packets produced by send_morefrag_packet and send_overlap_packet.

Published: March 10, 2007; 05:19:00 PM -05:00
    V2: 7.1 HIGH
CVE-2007-1388

The do_ipv6_setsockopt function in net/ipv6/ipv6_sockglue.c in Linux kernel before 2.6.20, and possibly other versions, allows local users to cause a denial of service (oops) by calling setsockopt with the IPV6_RTHDR option name and possibly a zero option length or invalid option value, which triggers a NULL pointer dereference.

Published: March 10, 2007; 02:19:00 PM -05:00
    V2: 4.4 MEDIUM
CVE-2007-1281

Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux allows remote attackers to cause a denial of service (CPU consumption) via a crafted UPX compressed file with a negative offset, which triggers an infinite loop during decompression.

Published: March 05, 2007; 08:19:00 PM -05:00
    V2: 7.8 HIGH