[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-5904Date: (C)2007-11-09   (M)2023-12-22


Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 3.2
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: ADJACENT_NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1019612
http://www.securityfocus.com/archive/1/487808/100/0/threaded
BID-26438
SECUNIA-27666
SECUNIA-27888
SECUNIA-27912
SECUNIA-28643
SECUNIA-28826
SECUNIA-29245
SECUNIA-29387
SECUNIA-29570
SECUNIA-30769
SECUNIA-30818
ADV-2007-3860
DSA-1428
RHSA-2008:0089
RHSA-2008:0167
SUSE-SA:2007:063
SUSE-SA:2007:064
SUSE-SA:2008:013
SUSE-SA:2008:017
SUSE-SA:2008:030
USN-618-1
http://marc.info/?l=linux-kernel&m=119455843205403&w=2
http://marc.info/?l=linux-kernel&m=119457447724276&w=2
http://git.kernel.org/?p=linux/kernel/git/sfrench/cifs-2.6.git%3Ba=commitdiff%3Bh=133672efbc1085f9af990bdc145e1822ea93bcf3
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0048
kernel-cifsvfs-sendreceive-bo(38450)
oval:org.mitre.oval:def:9901

CPE    1
cpe:/o:linux:linux_kernel
CWE    1
CWE-119

© SecPod Technologies