exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

CVE-2007-1357

Status Candidate

Overview

The atalk_sum_skb function in AppleTalk for Linux kernel 2.6.x before 2.6.21, and possibly 2.4.x, allows remote attackers to cause a denial of service (crash) via an AppleTalk frame that is shorter than the specified length, which triggers a BUG_ON call when an attempt is made to perform a checksum.

Related Files

Debian Linux Security Advisory 1304-1
Posted Jun 19, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1304-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, debian
advisories | CVE-2005-4811, CVE-2006-4814, CVE-2006-4623, CVE-2006-5753, CVE-2006-5754, CVE-2006-5757, CVE-2006-6053, CVE-2006-6056, CVE-2006-6060, CVE-2006-6106, CVE-2006-6535, CVE-2007-0958, CVE-2007-1357, CVE-2007-1592
SHA-256 | 32a9a2f20377739a47fa7d5c7bff44f5ffa3ce0d0a0a58fdfd7b4b880621dba8
Ubuntu Security Notice 464-1
Posted May 30, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 464-1 - Multiple vulnerabilities have been patched against in the Linux kernel. Philipp Richter discovered that the AppleTalk protocol handler did not sufficiently verify the length of packets. By sending a crafted AppleTalk packet, a remote attacker could exploit this to crash the kernel. Gabriel Campana discovered that the do_ipv6_setsockopt() function did not sufficiently verify option values for IPV6_RTHDR. A local attacker could exploit this to trigger a kernel crash. A Denial of Service vulnerability was discovered in the nfnetlink_log() netfilter function. A remote attacker could exploit this to trigger a kernel crash. The connection tracking module for IPv6 did not properly handle the status field when reassembling fragmented packets, so that the final packet always had the 'established' state. A remote attacker could exploit this to bypass intended firewall rules. Masayuki Nakagawa discovered an error in the flowlabel handling of IPv6 network sockets. A local attacker could exploit this to crash the kernel. The do_dccp_getsockopt() function did not sufficiently verify the optlen argument. A local attacker could exploit this to read kernel memory (which might expose sensitive data) or cause a kernel crash. This only affects Ubuntu 7.04. The IPv4 and DECnet network protocol handlers incorrectly declared an array variable so that it became smaller than intended. By sending crafted packets over a netlink socket, a local attacker could exploit this to crash the kernel.

tags | advisory, remote, denial of service, kernel, local, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2007-1357, CVE-2007-1388, CVE-2007-1496, CVE-2007-1497, CVE-2007-1592, CVE-2007-1730, CVE-2007-2172
SHA-256 | 5ce50556e7095fc936bee41e30d6ea94c9ff6bd833408e463221176b94a11444
Debian Linux Security Advisory 1286-1
Posted May 3, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1286-1 - Several local and remote vulnerabilities have been discovered in the Linux 2.6 kernel that may lead to a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, debian
advisories | CVE-2007-0005, CVE-2007-0958, CVE-2007-1357, CVE-2007-1592
SHA-256 | 72ace028690c1ac846278f5e7f4d5d52a2d53a4f7e398bf44dfa8822b2a5e465
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close