[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249982

 
 

909

 
 

195748

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2005-3275Date: (C)2005-10-20   (M)2023-12-22


The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service (memory corruption) by causing two packets for the same protocol to be NATed at the same time, which leads to memory corruption.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 2.6
Exploit Score: 4.9
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
BID-15531
SECUNIA-17826
SECUNIA-17918
SECUNIA-18056
SECUNIA-18059
SECUNIA-18562
SECUNIA-18684
SECUNIA-18977
SECUNIA-19185
SECUNIA-19607
20060402-01-U
DSA-921
DSA-922
FLSA:157459-1
FLSA:157459-2
FLSA:157459-3
MDKSA-2005:218
MDKSA-2005:219
MDKSA-2005:220
MDKSA-2006:044
RHSA-2006:0140
RHSA-2006:0190
RHSA-2006:0191
SUSE-SA:2005:068
USN-219-1
http://linux.bkbits.net:8080/linux-2.6/cset%4042e14e05d0V1d88nZlaIX1F9dCRApA
oval:org.mitre.oval:def:10142

CPE    96
cpe:/o:linux:linux_kernel:2.4.27:pre5
cpe:/o:linux:linux_kernel:2.4.27:pre4
cpe:/o:linux:linux_kernel:2.4.27:pre1
cpe:/o:linux:linux_kernel:2.6.12
...

© SecPod Technologies