
CVE-2009-1184
Date: (C)2009-05-05   (M)2024-02-22


The selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel before 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is enabled, omits calls to avc_has_perm for the (1) node and (2) port, which allows local users to bypass intended restrictions on network traffic. NOTE: this was incorrectly reported as an issue fixed in 2.6.27.21.

CVSS Score and Metrics

CVSS V2 Severity:
CVSS Score : 4.4
Exploit Score: 3.4
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECUNIA-35121
SECUNIA-35656
DSA-1800
MDVSA-2009:118
MDVSA-2009:119
MDVSA-2009:135
USN-793-1
http://lwn.net/Articles/331434/
http://lwn.net/Articles/331435/
http://www.openwall.com/lists/oss-security/2009/05/04/1
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=910c9e41186762de3717baaf392ab5ff0c454496
http://patchwork.ozlabs.org/patch/25238/
https://launchpad.net/bugs/cve/2009-1184

CPE    305
cpe:/o:linux:linux_kernel:2.6.20.19
cpe:/o:linux:linux_kernel:2.6.23.1
cpe:/o:linux:linux_kernel:2.6.23.2
cpe:/o:linux:linux_kernel:2.6.23.3
...
CWE    1
CWE-16
OVAL    8
oval:org.secpod.oval:def:600380
oval:org.secpod.oval:def:300792
oval:org.secpod.oval:def:700305
oval:org.mitre.oval:def:8300
...

© SecPod Technologies