cpe:/o:linux:linux_kernel:2.6.23 CVE-2007-5904 2007-11-09T13:46:00.000-05:00 2017-09-28T21:29:44.033-04:00 6.8 ADJACENT_NETWORK HIGH NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2007-11-12T09:15:00.000-05:00 ALLOWS_ADMIN_ACCESS SECTRACK 1019612 BUGTRAQ 20080208 rPSA-2008-0048-1 kernel BID 26438 SECUNIA 27666 SECUNIA 27888 SECUNIA 27912 SECUNIA 28643 SECUNIA 28826 SECUNIA 29245 SECUNIA 29387 SECUNIA 29570 SECUNIA 30769 SECUNIA 30818 VUPEN ADV-2007-3860 DEBIAN DSA-1428 REDHAT RHSA-2008:0089 REDHAT RHSA-2008:0167 SUSE SUSE-SA:2007:063 SUSE SUSE-SA:2007:064 SUSE SUSE-SA:2008:013 SUSE SUSE-SA:2008:017 SUSE SUSE-SA:2008:030 UBUNTU USN-618-1 MLIST [linux-kernel] 20071108 Buffer overflow in CIFS VFS. MLIST [linux-kernel] 20071109 Re: Fw: Buffer overflow in CIFS VFS. CONFIRM http://git.kernel.org/?p=linux/kernel/git/sfrench/cifs-2.6.git;a=commitdiff;h=133672efbc1085f9af990bdc145e1822ea93bcf3 CONFIRM http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0048 XF kernel-cifsvfs-sendreceive-bo(38450) Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function.