Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*
There are 2,626 matching records.
Displaying matches 2,601 through 2,620.
Vuln ID Summary CVSS Severity
CVE-2005-3784

The auto-reap of child processes in Linux kernel 2.6 before 2.6.15 includes processes with ptrace attached, which leads to a dangling ptrace reference and allows local users to cause a denial of service (crash) and gain root privileges.

Published: November 23, 2005; 4:03:00 PM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2005-3753

Linux kernel before after 2.6.12 and before 2.6.13.1 might allow attackers to cause a denial of service (Oops) via certain IPSec packets that cause alignment problems in standard multi-block cipher processors. NOTE: it is not clear whether this issue can be triggered by an attacker.

Published: November 22, 2005; 3:03:00 PM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2005-2709

The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and modifying function pointers in memory that was used for the ctl_table.

Published: November 20, 2005; 5:03:00 PM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2005-2973

The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, when running IPv6, allows local users to cause a denial of service (infinite loop and crash).

Published: October 27, 2005; 2:02:00 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2005-3274

Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection table is being flushed before the appropriate lock is acquired.

Published: October 20, 2005; 9:02:00 PM -0400
V3.x:(not available)
V2.0: 1.2 LOW
CVE-2005-3275

The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service (memory corruption) by causing two packets for the same protocol to be NATed at the same time, which leads to memory corruption.

Published: October 20, 2005; 9:02:00 PM -0400
V3.x:(not available)
V2.0: 2.6 LOW
CVE-2005-3276

The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information.

Published: October 20, 2005; 9:02:00 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2005-3180

The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does not properly clear memory from a previously used packet whose length is increased, which allows remote attackers to obtain sensitive information.

Published: October 12, 2005; 9:04:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2005-3181

The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption).

Published: October 12, 2005; 9:04:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2005-3119

Memory leak in the request_key_auth_destroy function in request_key_auth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service (memory consumption) via a large number of authorization token keys.

Published: October 12, 2005; 9:03:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2005-3179

drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information.

Published: October 12, 2005; 9:03:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2005-3055

Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer reference.

Published: September 26, 2005; 3:03:00 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2005-3044

Multiple vulnerabilities in Linux kernel before 2.6.13.2 allow local users to cause a denial of service (kernel OOPS from null dereference) via (1) fput in a 32-bit ioctl on 64-bit x86 systems or (2) sockfd_put in the 32-bit routing_ioctl function on 64-bit systems.

Published: September 22, 2005; 5:03:00 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2005-0504

Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value.

Published: March 14, 2005; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2003-1327

Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, which triggers the overflow when wu-ftpd constructs a notification message to the administrator.

Published: December 31, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2003-1332

Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201.

Published: December 31, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2003-1372

Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters.

Published: December 31, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2003-1388

Buffer overflow in Opera 7.02 Build 2668 allows remote attackers to crash Opera via a long HTTP request ending in a .ZIP extension.

Published: December 31, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2003-1423

Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords.

Published: December 31, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2003-1428

Gallery 1.3.3 creates directories with insecure permissions, which allows local users to read, modify, or delete photos.

Published: December 31, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 4.8 MEDIUM