CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Linux » Linux Kernel : Security Vulnerabilities (CVSS score between 7 and 7.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
501 CVE-2004-0496 +Priv 2004-12-06 2017-07-10
7.2
Admin Local Low Not required Complete Complete Complete
Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.
502 CVE-2004-0495 +Priv 2004-08-06 2017-10-10
7.2
Admin Local Low Not required Complete Complete Complete
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.
503 CVE-2004-0447 DoS 2004-08-06 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impact. NOTE: due to a typo, this issue was accidentally assigned CVE-2004-0477. This is the proper candidate to use for the Linux local DoS.
504 CVE-2004-0424 DoS Exec Code Overflow 2004-07-07 2017-07-10
7.2
Admin Local Low Not required Complete Complete Complete
Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option.
505 CVE-2004-0228 +Priv 2004-08-18 2017-07-10
7.2
Admin Local Low Not required Complete Complete Complete
Integer signedness error in the cpufreq proc handler (cpufreq_procctl) in Linux kernel 2.6 allows local users to gain privileges.
506 CVE-2004-0186 +Priv 2004-03-15 2017-10-09
7.2
Admin Local Low Not required Complete Complete Complete
smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted.
507 CVE-2004-0077 +Priv 2004-03-03 2016-10-17
7.2
Admin Local Low Not required Complete Complete Complete
The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985.
508 CVE-2004-0010 Overflow +Priv 2004-03-03 2017-10-10
7.2
Admin Local Low Not required Complete Complete Complete
Stack-based buffer overflow in the ncp_lookup function for ncpfs in Linux kernel 2.4.x allows local users to gain privileges.
509 CVE-2004-0001 +Priv 2004-02-17 2017-10-09
7.2
Admin Local Low Not required Complete Complete Complete
Unknown vulnerability in the eflags checking in the 32-bit ptrace emulation for the Linux kernel on AMD64 systems allows local users to gain privileges.
510 CVE-2003-1604 DoS 2016-05-02 2016-11-30
7.8
None Remote Low Not required None None Complete
The redirect_target function in net/ipv4/netfilter/ipt_REDIRECT.c in the Linux kernel before 2.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending packets to an interface that has a 0.0.0.0 IP address, a related issue to CVE-2015-8787.
511 CVE-2003-1161 Bypass 2003-12-31 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, was modified to contain a backdoor, which could allow local users to elevate their privileges by passing __WCLONE|__WALL to the sys_wait4 function.
512 CVE-2003-0985 DoS +Priv 2004-01-20 2016-10-17
7.2
Admin Local Low Not required Complete Complete Complete
The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077.
513 CVE-2003-0961 Overflow +Priv 2003-12-15 2016-10-17
7.2
Admin Local Low Not required Complete Complete Complete
Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and earlier allows local users to gain root privileges.
514 CVE-2003-0127 +Priv 2003-03-31 2016-10-17
7.2
Admin Local Low Not required Complete Complete Complete
The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.
515 CVE-2002-0060 Bypass 2002-03-08 2017-10-09
7.5
User Remote Low Not required Partial Partial Partial
IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall restrictions.
516 CVE-2001-1572 Bypass 2001-12-31 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when configured to filter based on MAC addresses, allows remote attackers to bypass packet filters via small packets.
517 CVE-2001-1398 2001-04-17 2016-12-07
7.5
User Remote Low Not required Partial Partial Partial
Masquerading code for Linux kernel before 2.2.19 does not fully check packet lengths in certain cases, which may lead to a vulnerability.
518 CVE-2001-1384 +Priv 2001-10-18 2016-10-17
7.2
Admin Local Low Not required Complete Complete Complete
ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows local users to gain root privileges by running ptrace on a setuid or setgid program that itself calls an unprivileged program, such as newgrp.
519 CVE-2001-1056 Bypass 2001-07-30 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
IRC DCC helper in the ip_masq_irc IP masquerading module 2.2 allows remote attackers to bypass intended firewall restrictions by causing the target system to send a "DCC SEND" request to a malicious server which listens on port 6667, which may cause the module to believe that the traffic is a valid request and allow the connection to the port specified in the DCC SEND request.
520 CVE-2001-0405 Bypass 2001-07-02 2017-10-09
7.5
None Remote Low Not required Partial Partial Partial
ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the firewall.
521 CVE-1999-1442 DoS 1998-06-22 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local users to cause a denial of service (crash) via a particular sequence of instructions, possibly related to accessing addresses outside of segments.
522 CVE-1999-1276 +Priv 1998-12-07 2017-10-09
7.2
Admin Local Low Not required Complete Complete Complete
fte-console in the fte package before 0.46b-4.1 does not drop root privileges, which allows local users to gain root access via the virtual console device.
523 CVE-1999-1166 +Priv 1999-07-11 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Linux 2.0.37 does not properly encode the Custom segment limit, which allows local users to gain root privileges by accessing and modifying kernel memory.
524 CVE-1999-1018 Bypass 1999-07-27 2016-10-17
7.5
User Remote Low Not required Partial Partial Partial
IPChains in Linux kernels 2.2.10 and earlier does not reassemble IP fragments before checking the header information, which allows a remote attacker to bypass the filtering rules using several fragments with 0 offsets.
525 CVE-1999-0781 Exec Code 1998-11-18 2016-10-17
7.2
Admin Local Low Not required Complete Complete Complete
KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables.
526 CVE-1999-0381 Overflow 1999-02-26 2008-09-09
7.2
Admin Local Low Not required Complete Complete Complete
super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access.
527 CVE-1999-0335 1996-08-01 2008-09-09
7.2
Admin Local Low Not required Complete Complete Complete
DEPRECATED. This entry has been deprecated. It is a duplicate of CVE-1999-0032.
528 CVE-1999-0330 Overflow 1998-03-01 2008-09-09
7.2
Admin Local Low Not required Complete Complete Complete
Linux bdash game has a buffer overflow that allows local users to gain root access.
529 CVE-1999-0317 Overflow 1999-11-25 2008-09-09
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in Linux su command gives root access to local users.
530 CVE-1999-0138 1996-06-26 2008-09-09
7.2
Admin Local Low Not required Complete Complete Complete
The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.
Total number of vulnerabilities : 513   Page : 1 2 3 4 5 6 7 8 9 10 11 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.