| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2008-5702 |
119 |
|
Overflow |
2008-12-22 |
2012-03-19 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel before 2.6.28-rc1 might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call. |
|
2 |
CVE-2008-5395 |
119 |
|
DoS Overflow |
2008-12-08 |
2012-03-19 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
The parisc_show_stack function in arch/parisc/kernel/traps.c in the Linux kernel before 2.6.28-rc7 on PA-RISC allows local users to cause a denial of service (system crash) via vectors associated with an attempt to unwind a stack that contains userspace addresses. |
|
3 |
CVE-2008-5134 |
119 |
|
Overflow |
2008-11-18 |
2012-03-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the lbs_process_bss function in drivers/net/wireless/libertas/scan.c in the libertas subsystem in the Linux kernel before 2.6.27.5 allows remote attackers to have an unknown impact via an "invalid beacon/probe response." |
|
4 |
CVE-2008-5025 |
119 |
|
DoS Overflow Mem. Corr. |
2008-11-17 |
2012-10-30 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933. |
|
5 |
CVE-2008-4933 |
119 |
|
DoS Overflow Mem. Corr. |
2008-11-05 |
2012-03-19 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function. |
|
6 |
CVE-2008-3915 |
119 |
|
Overflow |
2008-09-10 |
2012-03-19 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl. |
|
7 |
CVE-2008-3526 |
189 |
|
DoS Overflow |
2008-08-27 |
2012-03-19 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service (panic) or possibly have unspecified other impact via a crafted sca_keylength field associated with the SCTP_AUTH_KEY option. |
|
8 |
CVE-2008-3496 |
119 |
|
Overflow |
2008-08-06 |
2012-03-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in format descriptor parsing in the uvc_parse_format function in drivers/media/video/uvc/uvc_driver.c in uvcvideo in the video4linux (V4L) implementation in the Linux kernel before 2.6.26.1 has unknown impact and attack vectors. |
|
9 |
CVE-2008-3276 |
189 |
|
DoS Overflow |
2008-08-18 |
2012-10-29 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
Integer overflow in the dccp_setsockopt_change function in net/dccp/proto.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.17-rc1 through 2.6.26.2 allows remote attackers to cause a denial of service (panic) via a crafted integer value, related to Change L and Change R options without at least one byte in the dccpsf_val field. |
|
10 |
CVE-2008-3275 |
399 |
|
DoS Overflow |
2008-08-12 |
2012-10-29 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ("overflow" of the UBIFS orphan area) via a series of attempted file creations within deleted directories. |
|
11 |
CVE-2008-2826 |
189 |
|
DoS Overflow |
2008-07-02 |
2012-10-29 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service (resource consumption and system outage) via vectors involving a large addr_num field in an sctp_getaddrs_old data structure. |
|
12 |
CVE-2008-1673 |
119 |
|
DoS Exec Code Overflow |
2008-06-09 |
2012-11-26 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding. |
