Vulnerabilities > Linux > Linux Kernel > 2.6.20.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-03-28 | CVE-2007-1730 | Local Information Disclosure vulnerability in Linux Kernel 2.6.20/2.6.20.1/2.6.20.2 Integer signedness error in the DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later allows local users to read kernel memory or cause a denial of service (oops) via a negative optlen value. | 6.6 |
2007-03-16 | CVE-2007-1497 | Unspecified vulnerability in Linux Kernel nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments. | 5.0 |
2007-03-16 | CVE-2007-1496 | NULL Pointer Dereference vulnerability in Linux Kernel Netfilter NFNetLink_Log nfnetlink_log in netfilter in the Linux kernel before 2.6.20.3 allows attackers to cause a denial of service (crash) via unspecified vectors involving the (1) nfulnl_recv_config function, (2) using "multiple packets per netlink message", and (3) bridged packets, which trigger a NULL pointer dereference. | 4.9 |
2007-03-12 | CVE-2007-1000 | Information Disclosure vulnerability in Linux Kernel IPV6_Getsockopt_Sticky Memory Leak The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference. | 7.2 |
2007-02-24 | CVE-2006-7051 | Denial-Of-Service vulnerability in kernel The sys_timer_create function in posix-timers.c for Linux kernel 2.6.x allows local users to cause a denial of service (memory consumption) and possibly bypass memory limits or cause other processes to be killed by creating a large number of posix timers, which are allocated in kernel memory but are not treated as part of the process' memory. | 4.9 |
2007-02-23 | CVE-2007-1089 | Local Security vulnerability in IBM DB2 Universal Database 8.0/9.1 IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local users with table SELECT privileges to perform unauthorized UPDATE and DELETE SQL commands via unknown vectors. | 7.2 |
2007-02-23 | CVE-2007-1086 | Local Privilege Escalation vulnerability in IBM DB2 Universal Database Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users to create or modify arbitrary files via unspecified environment variables related to "unsafe file access." | 7.2 |
2007-01-12 | CVE-2006-6921 | Denial-Of-Service vulnerability in Linux Kernel 2.6.20.1 Unspecified versions of the Linux kernel allow local users to cause a denial of service (unrecoverable zombie process) via a program with certain instructions that prevent init from properly reaping a child whose parent has died. | 2.1 |
2006-11-22 | CVE-2006-6058 | Numeric Errors vulnerability in Linux Kernel The minix filesystem code in Linux kernel 2.6.x before 2.6.24, including 2.6.18, allows local users to cause a denial of service (hang) via a malformed minix file stream that triggers an infinite loop in the minix_bmap function. | 4.0 |
2006-07-05 | CVE-2006-2935 | Classic Buffer Overflow vulnerability in multiple products The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow. | 4.6 |