Vulnerabilities > Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-08-18 | CVE-2003-0465 | Unspecified vulnerability in Linux Kernel 2.4.0/2.5.0 The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks. | 5.0 |
2003-07-24 | CVE-2003-0418 | Remote Security vulnerability in kernel The Linux 2.0 kernel IP stack does not properly calculate the size of an ICMP citation, which causes it to include portions of unauthorized memory in ICMP error responses. | 5.0 |
2003-05-27 | CVE-2003-0244 | Remote Denial Of Service vulnerability in Linux Kernel 2.4.0 The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions. | 5.0 |
2003-01-17 | CVE-2003-0001 | Information Exposure vulnerability in multiple products Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak. | 5.0 |
2002-08-12 | CVE-2002-0510 | Unspecified vulnerability in Linux Kernel The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux. | 5.0 |
2002-01-31 | CVE-2002-0046 | Remote Security vulnerability in Linux Kernel 2.6.20.1 Linux kernel, and possibly other operating systems, allows remote attackers to read portions of memory via a series of fragmented ICMP packets that generate an ICMP TTL Exceeded response, which includes portions of the memory in the response packet. | 5.0 |
2001-12-06 | CVE-2001-0851 | Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie. | 5.0 |
2001-07-07 | CVE-2001-1244 | Denial of Service vulnerability in Multiple Vendor Small TCP MSS Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process. | 5.0 |
2001-05-03 | CVE-2001-0316 | Unspecified vulnerability in Linux Kernel 2.2.0/2.4.0 Linux kernel 2.4 and 2.2 allows local users to read kernel memory and possibly gain privileges via a negative argument to the sysctl call. | 4.6 |
2001-04-17 | CVE-2001-1391 | Off-by-one Error vulnerability in Linux Kernel Off-by-one vulnerability in CPIA driver of Linux kernel before 2.2.19 allows users to modify kernel memory. | 5.5 |