2.1

CVE-2010-3850

The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 2.6.36.2
SuseLinux Enterprise Desktop Version10 Updatesp3
SuseLinux Enterprise Real Time Extension Version11 Updatesp1
SuseLinux Enterprise Server Version10 Updatesp3
DebianDebian Linux Version5.0
CanonicalUbuntu Linux Version6.06
CanonicalUbuntu Linux Version8.04 SwEdition-
CanonicalUbuntu Linux Version9.10
CanonicalUbuntu Linux Version10.04 SwEdition-
CanonicalUbuntu Linux Version10.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.8% 0.518
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.mandriva.com/security/advisories?name=MDVSA-2011:051
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
Third Party Advisory
Mailing List
http://www.vupen.com/english/advisories/2011/0298
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/43291
Third Party Advisory
http://www.debian.org/security/2010/dsa-2126
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2010:257
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0375
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/43056
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0213
Third Party Advisory
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2
Broken Link
http://openwall.com/lists/oss-security/2010/11/30/1
Patch
Third Party Advisory
Mailing List
http://www.ubuntu.com/usn/USN-1023-1
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=644156
Patch
Third Party Advisory
Issue Tracking
http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0086.html
Broken Link
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=16c41745c7b92a243d0874f534c1655196c64b74