cpe:/o:debian:debian_linux:4.0 cpe:/o:debian:debian_linux:5.0 cpe:/o:linux:linux_kernel:2.6.32.3 CVE-2009-4536 2010-01-12T12:30:00.697-05:00 2018-11-16T10:51:54.303-05:00 7.8 NETWORK LOW NONE NONE NONE COMPLETE http://nvd.nist.gov 2018-11-13T09:40:19.707-05:00 SECTRACK 1023420 SECUNIA 35265 BID 37519 SECUNIA 38031 SECUNIA 38276 SECUNIA 38296 SECUNIA 38492 SECUNIA 38610 SECUNIA 38779 DEBIAN DSA-1996 DEBIAN DSA-2005 FEDORA FEDORA-2010-1787 IAVM IAVM:2011-A-0075 REDHAT RHSA-2010:0019 REDHAT RHSA-2010:0020 REDHAT RHSA-2010:0041 REDHAT RHSA-2010:0053 REDHAT RHSA-2010:0095 REDHAT RHSA-2010:0111 REDHAT RHSA-2010:0882 SUSE SUSE-SA:2010:005 SUSE SUSE-SA:2010:007 SUSE SUSE-SA:2010:010 SUSE SUSE-SA:2010:012 SUSE SUSE-SA:2010:013 SUSE SUSE-SA:2010:014 MLIST [oss-security] 20091228 CVE requests - kernel security regressions for CVE-2009-1385/and -1389 MLIST [oss-security] 20091229 Re: CVE requests - kernel security regressions for CVE-2009-1385/and -1389 MLIST [oss-security] 20091231 Re: CVE requests - kernel security regressions for CVE-2009-1385/and -1389 MISC http://blog.c22.cc/2009/12/27/26c3-cat-procsysnetipv4fuckups/ MISC http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html CONFIRM http://marc.info/?t=126203102000001&r=1&w=2 CONFIRM http://www.vmware.com/security/advisories/VMSA-2011-0009.html CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=552126 XF kernel-e1000main-security-bypass(55648) drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafted payload. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1385.