what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2014-1690

Status Candidate

Overview

The help function in net/netfilter/nf_nat_irc.c in the Linux kernel before 3.12.8 allows remote attackers to obtain sensitive information from kernel memory by establishing an IRC DCC session in which incorrect packet data is transmitted during use of the NAT mangle feature.

Related Files

Red Hat Security Advisory 2014-0439-01
Posted Apr 28, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0439-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A denial of service flaw was found in the way the Linux kernel's IPv6 implementation processed IPv6 router advertisement packets. An attacker able to send a large number of RA packets to a target system could potentially use this flaw to crash the target system. A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system.

tags | advisory, remote, denial of service, kernel, protocol
systems | linux, redhat
advisories | CVE-2013-7263, CVE-2013-7265, CVE-2014-0069, CVE-2014-1438, CVE-2014-1690, CVE-2014-1874, CVE-2014-2309, CVE-2014-2523
SHA-256 | 2b623200e0a9ae6450a12d72a8175b17fe8b289abc75e214b50cd7e3b3ee735b
Ubuntu Security Notice USN-2158-1
Posted Apr 1, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2158-1 - Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. Nico Golde and Fabian Yamaguchi reported buffer underflow errors in the implementation of the XFS filesystem in the Linux kernel. A local user with CAP_SYS_ADMIN could exploit these flaw to cause a denial of service (memory corruption) or possibly other unspecified issues. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4345, CVE-2013-6382, CVE-2014-1690
SHA-256 | 7be186da02dc9637de795e1d1ebb3e3f3911bac940397c36f5cb4ade06b2be03
Ubuntu Security Notice USN-2137-1
Posted Mar 7, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2137-1 - An information leak was discovered in the Linux kernel when built with the NetFilter Connection Tracking (NF_CONNTRACK) support for IRC protocol (NF_NAT_IRC). A remote attacker could exploit this flaw to obtain potentially sensitive kernel information when communicating over a client- to-client IRC connection(/dcc) via a NAT-ed network. Matthew Thode reported a denial of service vulnerability in the Linux kernel when SELinux support is enabled. A local user with the CAP_MAC_ADMIN capability (and the SELinux mac_admin permission if running in enforcing mode) could exploit this flaw to cause a denial of service (kernel crash). Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-1690, CVE-2014-1874, CVE-2014-2038, CVE-2014-1690, CVE-2014-1874, CVE-2014-2038
SHA-256 | 135254d4a3835d8e1c5e0d02fe66f7218be614b3ff5e798934460fd1e7a634a5
Ubuntu Security Notice USN-2140-1
Posted Mar 7, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2140-1 - An information leak was discovered in the Linux kernel when built with the NetFilter Connection Tracking (NF_CONNTRACK) support for IRC protocol (NF_NAT_IRC). A remote attacker could exploit this flaw to obtain potentially sensitive kernel information when communicating over a client- to-client IRC connection(/dcc) via a NAT-ed network. Matthew Thode reported a denial of service vulnerability in the Linux kernel when SELinux support is enabled. A local user with the CAP_MAC_ADMIN capability (and the SELinux mac_admin permission if running in enforcing mode) could exploit this flaw to cause a denial of service (kernel crash). Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-1690, CVE-2014-1874, CVE-2014-2038, CVE-2014-1690, CVE-2014-1874, CVE-2014-2038
SHA-256 | b12172ee4ac9d1028db3134949a1a76bd789e51a10940e63dfedd1382cc534db
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close