2.1

CVE-2006-1343

net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGINAL_DST, which allows local users to obtain portions of potentially sensitive memory.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version2.4.0
LinuxLinux Kernel Version2.6.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.42% 0.335
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/22875
http://www.securityfocus.com/archive/1/451404/100/0/threaded
http://www.securityfocus.com/archive/1/451417/100/200/threaded
http://www.securityfocus.com/archive/1/451426/100/200/threaded
http://www.vmware.com/download/esx/esx-202-200610-patch.html
http://www.vmware.com/download/esx/esx-213-200610-patch.html
http://www.vupen.com/english/advisories/2006/4502
http://secunia.com/advisories/22093
http://www.debian.org/security/2006/dsa-1184
http://www.securityfocus.com/archive/1/451419/100/200/threaded
http://www.vmware.com/download/esx/esx-254-200610-patch.html
http://secunia.com/advisories/21136
http://secunia.com/advisories/21465
http://secunia.com/advisories/21983
http://secunia.com/advisories/22417
http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm
http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm
http://www.redhat.com/support/errata/RHSA-2006-0437.html
http://www.redhat.com/support/errata/RHSA-2006-0575.html
http://www.redhat.com/support/errata/RHSA-2006-0579.html
http://www.redhat.com/support/errata/RHSA-2006-0580.html
http://www.mandriva.com/security/advisories?name=MDKSA-2006:150
http://secunia.com/advisories/20671
http://www.debian.org/security/2006/dsa-1097
http://secunia.com/advisories/19955
https://usn.ubuntu.com/281-1/
http://marc.info/?l=linux-netdev&m=114148078223594&w=2
http://secunia.com/advisories/19357
http://www.securityfocus.com/bid/17203
http://secunia.com/advisories/21045
http://www.mandriva.com/security/advisories?name=MDKSA-2006:123
http://www.osvdb.org/29841
http://www.securityfocus.com/archive/1/435490/100/0/threaded
http://www.trustix.org/errata/2006/0032/
http://www.vupen.com/english/advisories/2006/2071
https://exchange.xforce.ibmcloud.com/vulnerabilities/25425
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10875