Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1343

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2006-1343
Last Modified 07 Mar 2011 09:32:50
Published 21 Mar 2006 01:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-1343

Summary

net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGINAL_DST, which allows local users to obtain portions of potentially sensitive memory.

Vulnerable Systems

Operating System

  • Linux Kernel 2.4.0

  • Linux Kernel 2.6.0


References

MLIST - [linux-netdev] 20060304 BUG: Small information leak in SO_ORIGINAL_DST (2.4 and 2.6) and

VUPEN - ADV-2006-4502

VUPEN - ADV-2006-2071

XF - linux-sockaddr-memory-leak(25425)

CONFIRM - http://www.vmware.com/download/esx/esx-254-200610-patch.html

CONFIRM - http://www.vmware.com/download/esx/esx-213-200610-patch.html

CONFIRM - http://www.vmware.com/download/esx/esx-202-200610-patch.html

UBUNTU - USN-281-1

TRUSTIX - 2006-0032

BID - 17203

BUGTRAQ - 20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2

BUGTRAQ - 20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1

BUGTRAQ - 20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2

BUGTRAQ - 20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4

BUGTRAQ - 20060531 rPSA-2006-0087-1 kernel

REDHAT - RHSA-2006:0580

REDHAT - RHSA-2006:0579

REDHAT - RHSA-2006:0575

REDHAT - RHSA-2006:0437

OSVDB - 29841

MANDRIVA - MDKSA-2006:150

MANDRIVA - MDKSA-2006:123

DEBIAN - DSA-1184

DEBIAN - DSA-1097

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm

SECUNIA - 22875

SECUNIA - 22417

SECUNIA - 22093

SECUNIA - 21983

SECUNIA - 21465

SECUNIA - 21136

SECUNIA - 21045

SECUNIA - 20671

SECUNIA - 19955

SECUNIA - 19357


Last Updated: 27 May 2016 10:42:02