Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1856

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-1856
Last Modified 21 Aug 2010 12:45:26
Published 19 May 2006 07:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1856

Summary

Certain modifications to the Linux kernel 2.6.16 and earlier do not add the appropriate Linux Security Modules (LSM) file_permission hooks to the (1) readv and (2) writev functions, which might allow attackers to bypass intended access restrictions.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6 Test9 Cvs

  • Linux Kernel 2.6.0

  • Linux Kernel 2.6.1

  • Linux Kernel 2.6.10

  • Linux Kernel 2.6.11

  • Linux Kernel 2.6.11.11

  • Linux Kernel 2.6.11.12

  • Linux Kernel 2.6.11.5

  • Linux Kernel 2.6.11.6

  • Linux Kernel 2.6.11.7

  • Linux Kernel 2.6.11.8

  • Linux Kernel 2.6.12

  • Linux Kernel 2.6.12.1

  • Linux Kernel 2.6.12.2

  • Linux Kernel 2.6.12.3

  • Linux Kernel 2.6.12.4

  • Linux Kernel 2.6.12.5

  • Linux Kernel 2.6.12.6

  • Linux Kernel 2.6.13

  • Linux Kernel 2.6.13.1

  • Linux Kernel 2.6.13.2

  • Linux Kernel 2.6.13.3

  • Linux Kernel 2.6.13.4

  • Linux Kernel 2.6.14

  • Linux Kernel 2.6.14.1

  • Linux Kernel 2.6.14.2

  • Linux Kernel 2.6.14.3

  • Linux Kernel 2.6.14.4

  • Linux Kernel 2.6.14.5

  • Linux Kernel 2.6.15

  • Linux Kernel 2.6.15.1

  • Linux Kernel 2.6.15.2

  • Linux Kernel 2.6.15.3

  • Linux Kernel 2.6.15.4

  • Linux Kernel 2.6.15.5

  • Linux Kernel 2.6.16

  • Linux Kernel 2.6.2

  • Linux Kernel 2.6.3

  • Linux Kernel 2.6.4

  • Linux Kernel 2.6.5

  • Linux Kernel 2.6.6

  • Linux Kernel 2.6.7

  • Linux Kernel 2.6.8

  • Linux Kernel 2.6.9


References

CONFIRM - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=191524

MLIST - [linux-kernel] 20060426 [PATCH] LSM: add missing hook to do_compat_readv_writev()

MLIST - [linux-security-module] 20050928 readv/writev syscalls are not checked by lsm

UBUNTU - USN-302-1

BID - 18105

REDHAT - RHSA-2006:0493

OSVDB - 25747

MANDRIVA - MDKSA-2006:123

DEBIAN - DSA-1184

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm

SECUNIA - 22093

SECUNIA - 21745

SECUNIA - 21045

SECUNIA - 20716

SECUNIA - 20237


Last Updated: 27 May 2016 10:42:14