Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2500

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2500
Last Modified 05 Sep 2008 04:51:55
Published 08 Aug 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2500

Summary

Buffer overflow in the xdr_xcode_array2 function in xdr.c in Linux kernel 2.6.12, as used in SuSE Linux Enterprise Server 9, might allow remote attackers to cause a denial of service and possibly execute arbitrary code via crafted XDR data for the nfsacl protocol.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.5


References

SUSE - SUSE-SA:2005:044

MISC - http://lkml.org/lkml/2005/6/23/19

CONFIRM - http://lkml.org/lkml/2005/6/23/126

XF - kernel-xdrxcodearray-dos(21805)

BID - 14470

SECUNIA - 16406

CONFIRM - http://linux.bkbits.net:8080/linux-2.6/cset@42b9c4fdYUuaq0joRUZi8W0Q-2hA1A


Last Updated: 27 May 2016 10:40:32