Svi
Pretraži prema proizvođaču
Pretraži prema CWE oznaci
O usluzi
Pretplate
Jezik
hr
en
CVE-2005-2555 - CERT CVE
CVE-2005-2555
ID
CVE-2005-2555
Sažetak
Linux kernel 2.6.x does not properly restrict socket policy access to users with the CAP_NET_ADMIN capability, which could allow local users to conduct unauthorized activities via (1) ipv4/ip_sockglue.c and (2) ipv6/ipv6_sockglue.c.
Reference
http://www.novell.com/linux/security/advisories/2005_50_kernel.html
http://www.securityfocus.com/bid/14609
http://www.redhat.com/support/errata/RHSA-2005-514.html
http://www.redhat.com/support/errata/RHSA-2005-663.html
http://www.debian.org/security/2006/dsa-1017
http://secunia.com/advisories/17073
http://secunia.com/advisories/17826
http://www.debian.org/security/2006/dsa-1018
http://secunia.com/advisories/19374
http://secunia.com/advisories/19369
http://secunia.com/advisories/17002
http://www.mandriva.com/security/advisories?name=MDKSA-2005:218
http://www.vupen.com/english/advisories/2005/1878
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10444
https://usn.ubuntu.com/169-1/
http://www.securityfocus.com/archive/1/427980/100/0/threaded
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=6fc0b4a7a73a81e74d0004732df358f4f9975be2
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6fc0b4a7a73a81e74d0004732df358f4f9975be2
CVSS
Base:
4.6
Impact:
6.4
Exploitability:
3.9
Pristup
Vektor
Složenost
Autentikacija
LOCAL
LOW
NONE
Impact
Povjerljivost
Cjelovitost
Dostupnost
PARTIAL
PARTIAL
PARTIAL
CVSS vektor
AV:L/AC:L/Au:N/C:P/I:P/A:P
Zadnje važnije ažuriranje
07-11-2023 - 01:57
Objavljeno
16-08-2005 - 04:00
