what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2009-2407

Status Candidate

Overview

Heap-based buffer overflow in the parse_tag_3_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to a large encrypted key size in a Tag 3 packet.

Related Files

Mandriva Linux Security Advisory 2009-289
Posted Oct 27, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-289 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. These range from buffer overflows to denial of service vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2009-1895, CVE-2009-2406, CVE-2009-2407, CVE-2009-2908, CVE-2009-3290
SHA-256 | 9babe556d8283b253ed966788d3377e9f40ffcfb77f3fdc39643b95c68956950
Debian Linux Security Advisory 1845-1
Posted Jul 29, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1845-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2009-1895, CVE-2009-2287, CVE-2009-2406, CVE-2009-2407
SHA-256 | ddce2a1f54158deb8c3002cf6fd5f7f63349871281f4dfeaa4907542189e2839
Debian Linux Security Advisory 1844-1
Posted Jul 29, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1844-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2009-1385, CVE-2009-1389, CVE-2009-1630, CVE-2009-1633, CVE-2009-1895, CVE-2009-1914, CVE-2009-1961, CVE-2009-2406, CVE-2009-2407
SHA-256 | 3e4337776a6b1affbc02de5ed8349b5fee27fdcee9cda24ab22b8932ebc72584
Ubuntu Security Notice 807-1
Posted Jul 29, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-807-1 - Michael Tokarev discovered that the RTL8169 network driver did not correctly validate buffer sizes. A remote attacker on the local network could send specially traffic traffic that would crash the system or potentially grant elevated privileges. Julien Tinnes and Tavis Ormandy discovered that when executing setuid processes the kernel did not clear certain personality flags. A local attacker could exploit this to map the NULL memory page, causing other vulnerabilities to become exploitable. Ubuntu 6.06 was not affected. Matt T. Yourst discovered that KVM did not correctly validate the page table root. A local attacker could exploit this to crash the system, leading to a denial of service. Ubuntu 6.06 was not affected. Ramon de Carvalho Valle discovered that eCryptfs did not correctly validate certain buffer sizes. A local attacker could create specially crafted eCryptfs files to crash the system or gain elevated privileges. Ubuntu 6.06 was not affected.

tags | advisory, remote, denial of service, kernel, local, root, vulnerability
systems | linux, ubuntu
advisories | CVE-2009-1389, CVE-2009-1895, CVE-2009-2287, CVE-2009-2406, CVE-2009-2407
SHA-256 | 76e56d56aac365a9fbbf33f82d67fb4d45dbf243bfe856e1d294cc57021817a8
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close