[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249982

 
 

909

 
 

195748

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2005-2490Date: (C)2005-09-14   (M)2023-12-22


Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.6
Exploit Score: 3.9
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
BID-14785
SECUNIA-16747
SECUNIA-17002
SECUNIA-17073
SECUNIA-17826
SECUNIA-17918
SECUNIA-19374
2005-0049
ADV-2005-1878
DSA-1017
FLSA:157459-1
FLSA:157459-2
FLSA:157459-3
MDKSA-2005:219
MDKSA-2005:220
MDKSA-2005:235
RHSA-2005:514
RHSA-2005:663
SUSE-SA:2005:068
USN-178-1
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.13.1
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166248
kernel-sendmsg-bo(22217)
oval:org.mitre.oval:def:10481

CPE    40
cpe:/o:linux:linux_kernel:2.6.1:rc1
cpe:/o:linux:linux_kernel:2.6.6:rc1
cpe:/o:linux:linux_kernel:2.6.8
cpe:/o:linux:linux_kernel:2.6.11:rc4
...

© SecPod Technologies