Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2490

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2005-2490
Last Modified 07 Mar 2011 09:24:35
Published 14 Sep 2005 03:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-2490

Summary

Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users execute arbitrary code by calling sendmsg and modifying the message contents in another thread.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6 Test9 Cvs

  • Linux Kernel 2.6.0

  • Linux Kernel 2.6.1

  • Linux Kernel 2.6.10

  • Linux Kernel 2.6.11

  • Linux Kernel 2.6.11.11

  • Linux Kernel 2.6.11.5

  • Linux Kernel 2.6.11.6

  • Linux Kernel 2.6.11.7

  • Linux Kernel 2.6.11.8

  • Linux Kernel 2.6.12

  • Linux Kernel 2.6.2

  • Linux Kernel 2.6.3

  • Linux Kernel 2.6.4

  • Linux Kernel 2.6.5

  • Linux Kernel 2.6.6

  • Linux Kernel 2.6.7

  • Linux Kernel 2.6.8

  • Linux Kernel 2.6.9


References

MISC - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166248

SECUNIA - 16747

XF - kernel-sendmsg-bo(22217)

VUPEN - ADV-2005-1878

UBUNTU - USN-178-1

BID - 14785

MANDRAKE - MDKSA-2005:220

MANDRAKE - MDKSA-2005:219

CONFIRM - http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.13.1

FEDORA - FLSA:157459-2

FEDORA - FLSA:157459-1

FEDORA - FLSA:157459-3

SUSE - SUSE-SA:2005:068

REDHAT - RHSA-2005:663

REDHAT - RHSA-2005:514

MANDRIVA - MDKSA-2005:235

DEBIAN - DSA-1017

SECUNIA - 19374

SECUNIA - 17918

SECUNIA - 17826

SECUNIA - 17073

SECUNIA - 17002

TRUSTIX - 2005-0049


Last Updated: 27 May 2016 10:40:32