CVE-2009-0269


Published: 26-01-2009
Updated: 29-01-2009

Product:
linux: kernel 2.2.27
linux: kernel 2.4.36
linux: kernel 2.4.36.1
linux: kernel 2.4.36.2
linux: kernel 2.4.36.3
linux: kernel 2.4.36.4
linux: kernel 2.4.36.5
linux: kernel 2.4.36.6
linux: kernel 2.6
linux: kernel 2.6.18
linux: kernel 2.6.18
linux: kernel 2.6.18
linux: kernel 2.6.18
linux: kernel 2.6.18
linux: kernel 2.6.18
linux: kernel 2.6.18
linux: kernel 2.6.19.4
linux: kernel 2.6.19.5
linux: kernel 2.6.19.6
linux: kernel 2.6.19.7
linux: kernel 2.6.20.16
linux: kernel 2.6.20.17
linux: kernel 2.6.20.18
linux: kernel 2.6.20.19
linux: kernel 2.6.20.20
linux: kernel 2.6.20.21
linux: kernel 2.6.21.5
linux: kernel 2.6.21.6
linux: kernel 2.6.21.7
linux: kernel 2.6.22
linux: kernel 2.6.22.1
linux: kernel 2.6.22.10
linux: kernel 2.6.22.11
linux: kernel 2.6.22.12
linux: kernel 2.6.22.13
linux: kernel 2.6.22.14
linux: kernel 2.6.22.15
linux: kernel 2.6.22.17
linux: kernel 2.6.22.18
linux: kernel 2.6.22.19
linux: kernel 2.6.22.2
linux: kernel 2.6.22.20
linux: kernel 2.6.22.21
linux: kernel 2.6.22.22
linux: kernel 2.6.22.8
linux: kernel 2.6.22.9
linux: kernel 2.6.22_rc1
linux: kernel 2.6.22_rc7
linux: kernel 2.6.23
linux: kernel 2.6.23.10
linux: kernel 2.6.23.11
linux: kernel 2.6.23.12
linux: kernel 2.6.23.13
linux: kernel 2.6.23.15
linux: kernel 2.6.23.16
linux: kernel 2.6.23.17
linux: kernel 2.6.23.8
linux: kernel 2.6.23.9
linux: kernel 2.6.23_rc1
linux: kernel 2.6.24
linux: kernel 2.6.24.1
linux: kernel 2.6.24.2
linux: kernel 2.6.24.3
linux: kernel 2.6.24.4
linux: kernel 2.6.24.5
linux: kernel 2.6.24.6
linux: kernel 2.6.24.7
linux: kernel 2.6.24_rc1
linux: kernel 2.6.24_rc4
linux: kernel 2.6.24_rc5
linux: kernel 2.6.25
linux: kernel 2.6.25
linux: kernel 2.6.25.1
linux: kernel 2.6.25.1
linux: kernel 2.6.25.10
linux: kernel 2.6.25.10
linux: kernel 2.6.25.11
linux: kernel 2.6.25.11
linux: kernel 2.6.25.12
linux: kernel 2.6.25.12
linux: kernel 2.6.25.13
linux: kernel 2.6.25.14
linux: kernel 2.6.25.15
linux: kernel 2.6.25.16
linux: kernel 2.6.25.17
linux: kernel 2.6.25.2
linux: kernel 2.6.25.2
linux: kernel 2.6.25.3
linux: kernel 2.6.25.3
linux: kernel 2.6.25.4
linux: kernel 2.6.25.4
linux: kernel 2.6.25.5
linux: kernel 2.6.25.5
linux: kernel 2.6.25.6
linux: kernel 2.6.25.6
linux: kernel 2.6.25.7
linux: kernel 2.6.25.7
linux: kernel 2.6.25.8
linux: kernel 2.6.25.8
linux: kernel 2.6.25.9
linux: kernel 2.6.25.9
linux: kernel 2.6.26
linux: kernel 2.6.26.1
linux: kernel 2.6.26.2
linux: kernel 2.6.26.3
linux: kernel 2.6.26.4
linux: kernel 2.6.26.5
linux: kernel 2.6.27
linux: kernel 2.6.28

Severity: Medium (4.9)

CVSS vector: (AV:L/AC:L/Au:N/C:N/I:N/A:C)

Attack`s vector: Localy exploitable

Potential loss type: Availability

Vulnerability description:
fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array index.

Patch available: Yes

References:
BID: http://www.securityfocus.com/bid/33412
MLIST: https://lists.launchpad.net/ecryptfs-devel/msg00011.html
MLIST: https://lists.launchpad.net/ecryptfs-devel/msg00010.html
XF: http://xforce.iss.net/xforce/xfdb/48188
CONFIRM: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.1
CONFIRM: http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git;a=...

Cisco IOS Software Resource Reservation Protocol Interface Queue Wedge Vulnerability

A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software an...

30 september, 2013

Cisco IOS Software Internet Key Exchange Memory Leak Vulnerability

A vulnerability in the Internet Key Exchange (IKE) protocol of Cisco IOS Software and Cisco ...

30 september, 2013

Cisco IOS Software Multicast Network Time Protocol Denial of Service Vulnerability

A vulnerability in the implementation of the Network Time Protocol (NTP) feature in Cisco IO...

30 september, 2013

MS14-035: Cumulative Security Update for Internet Explorer (2969262)

This security update resolves two publicly disclosed vulnerabilities and fifty-seven privately repor...

11 june, 2014

MS14-036: Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (2967487)

This security update resolves two privately reported vulnerabilities in Microsoft Windows, Microsoft...

11 june, 2014

MS14-034: Vulnerability in Microsoft Word Could Allow Remote Code Execution (2969261)

This security update resolves one privately reported vulnerability in Microsoft Office.

10 june, 2014

CVE-2014-6611

The BlackBerry World app before 5.0.0.262 on BlackBerry 10 OS 10.2.0, before 5.0.0.263 on BlackBerry 10 OS 10.2.1, and before 5.1.0.53 on BlackBerry 10 OS 10.3.0 does not properly validate download/update requests, which allows user-assisted man-in-the-middle attackers to spoof servers and trigger the download of a crafted app by modifying the client-server data stream.

CVE-2014-6152

Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Integrated Portal (TIP) 2.2.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

CVE-2014-6151

CRLF injection vulnerability in IBM Tivoli Integrated Portal (TIP) 2.2.x allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

CVE-2014-5075

The Ignite Realtime Smack XMPP API 4.x before 4.0.2, and 3.x and 2.x when a custom SSLContext is used, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

CVE-2014-4624

EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x through 7.0.2-43 do not require authentication for Java API calls, which allows remote attackers to discover grid MCUser and GSAN passwords via a crafted call.

CVE-2014-4623

EMC Avamar 6.0.x, 6.1.x, and 7.0.x in Avamar Data Store (ADS) GEN4(S) and Avamar Virtual Edition (AVE), when Password Hardening before 2.0.0.4 is enabled, uses UNIX DES crypt for password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.

CVE-2014-4620

The EMC NetWorker Module for MEDITECH (aka NMMEDI) 3.0 build 87 through 90, when EMC RecoverPoint and Plink are used, stores cleartext RecoverPoint Appliance credentials in nsrmedisv.raw log files, which allows local users to obtain sensitive information by reading these files.

CVE-2014-3636

D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 allows local users to (1) cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors or (2) cause a denial of service (disconnect) via multiple messages that combine to have more than the allowed number of file descriptors for a single sendmsg call.

CVE-2014-3409

The Ethernet Connectivity Fault Management (CFM) handling feature in Cisco IOS 12.2(33)SRE9a and earlier and IOS XE 3.13S and earlier allows remote attackers to cause a denial of service (device reload) via malformed CFM packets, aka Bug ID CSCuq93406.

CVE-2014-3137

Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before 0.12.6 does not properly limit content types, which allows remote attackers to bypass intended access restrictions via an accepted Content-Type followed by a ; (semi-colon) and a Content-Type that would not be accepted, as demonstrated in YouCompleteMe to execute arbitrary code.

CVE-2014-1929

python-gnupg 0.3.5 and 0.3.6 allows context-dependent attackers to have an unspecified impact via vectors related to "option injection through positional arguments." NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7323.

CVE-2014-1928

The shell_quote function in python-gnupg 0.3.5 does not properly escape characters, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "\" (backslash) characters to form multi-command sequences, a different vulnerability than CVE-2014-1927.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7323.

CVE-2014-1927

The shell_quote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "$(" command-substitution sequences, a different vulnerability than CVE-2014-1928.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7323.

CVE-2014-0476

The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable.  NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.

CVE-2013-4594

The Payment for Webform module 7.x-1.x before 7.x-1.5 for Drupal does not restrict access by anonymous users, which allows remote anonymous users to use the payment of other anonymous users when submitting a form that requires payment.

This Alert covers CVE-2010-0896 for the mail component of the Sun Convergence product

This Sun Alert covers CVE-2010-0896 for the mail component of the Sun Convergence product.

14 april, 2010

This Alert Covers CVE-2010-0893 for the Mail Component of the Sun Convergence Product

This Alert covers CVE-2010-0893 for the mail component of the Sun Convergence product.

14 april, 2010

SunOS 5.10_x86: ucode driver patch

6905530 processor microcode code can panic when retrieving microcode revision.

02 february, 2010

[RHSA-2010:1003-01] Moderate: git security update

Red Hat Security Advisory - Moderate: git security update

21 december, 2010

[RHSA-2010:1002-01] Moderate: mod_auth_mysql security update

Red Hat Security Advisory - Moderate: mod_auth_mysql security update

21 december, 2010

[RHSA-2010:1000-01] Important: bind security update

Red Hat Security Advisory - Important: bind security update

20 december, 2010