Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2071

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2006-2071
Last Modified 07 Mar 2011 09:35:06
Published 27 Apr 2006 01:06:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-2071

Summary

Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bugs.

Vulnerable Systems

Operating System

  • Linux Kernel 2.4.0

  • Linux Kernel 2.4.1

  • Linux Kernel 2.4.10

  • Linux Kernel 2.4.11

  • Linux Kernel 2.4.12

  • Linux Kernel 2.4.13

  • Linux Kernel 2.4.14

  • Linux Kernel 2.4.15

  • Linux Kernel 2.4.16

  • Linux Kernel 2.4.17

  • Linux Kernel 2.4.18

  • Linux Kernel 2.4.19

  • Linux Kernel 2.4.2

  • Linux Kernel 2.4.20

  • Linux Kernel 2.4.21

  • Linux Kernel 2.4.22

  • Linux Kernel 2.4.23

  • Linux Kernel 2.4.23 Ow2

  • Linux Kernel 2.4.24

  • Linux Kernel 2.4.24 Ow1

  • Linux Kernel 2.4.25

  • Linux Kernel 2.4.26

  • Linux Kernel 2.4.27

  • Linux Kernel 2.4.28

  • Linux Kernel 2.4.29

  • Linux Kernel 2.4.3

  • Linux Kernel 2.4.30

  • Linux Kernel 2.4.31

  • Linux Kernel 2.4.32

  • Linux Kernel 2.4.33

  • Linux Kernel 2.4.4

  • Linux Kernel 2.4.5

  • Linux Kernel 2.4.6

  • Linux Kernel 2.4.7

  • Linux Kernel 2.4.8

  • Linux Kernel 2.4.9

  • Linux Kernel 2.6 Test9 Cvs

  • Linux Kernel 2.6.0

  • Linux Kernel 2.6.1

  • Linux Kernel 2.6.10

  • Linux Kernel 2.6.11

  • Linux Kernel 2.6.11.11

  • Linux Kernel 2.6.11.12

  • Linux Kernel 2.6.11.5

  • Linux Kernel 2.6.11.6

  • Linux Kernel 2.6.11.7

  • Linux Kernel 2.6.11.8

  • Linux Kernel 2.6.12

  • Linux Kernel 2.6.12.1

  • Linux Kernel 2.6.12.2

  • Linux Kernel 2.6.12.3

  • Linux Kernel 2.6.12.4

  • Linux Kernel 2.6.12.5

  • Linux Kernel 2.6.12.6

  • Linux Kernel 2.6.13

  • Linux Kernel 2.6.13.1

  • Linux Kernel 2.6.13.2

  • Linux Kernel 2.6.13.3

  • Linux Kernel 2.6.13.4

  • Linux Kernel 2.6.14

  • Linux Kernel 2.6.14.1

  • Linux Kernel 2.6.14.2

  • Linux Kernel 2.6.14.3

  • Linux Kernel 2.6.14.4

  • Linux Kernel 2.6.14.5

  • Linux Kernel 2.6.15

  • Linux Kernel 2.6.15.1

  • Linux Kernel 2.6.15.2

  • Linux Kernel 2.6.15.3

  • Linux Kernel 2.6.15.4

  • Linux Kernel 2.6.15.5

  • Linux Kernel 2.6.16

  • Linux Kernel 2.6.2

  • Linux Kernel 2.6.3

  • Linux Kernel 2.6.4

  • Linux Kernel 2.6.5

  • Linux Kernel 2.6.6

  • Linux Kernel 2.6.7

  • Linux Kernel 2.6.8

  • Linux Kernel 2.6.9


References

CONFIRM - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190073

VUPEN - ADV-2006-4502

VUPEN - ADV-2006-1391

CONFIRM - http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b78b6af66a5fbaf17d7e6bfc32384df5e34408c8

CONFIRM - http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6

XF - linux-mprotect-security-bypass(26169)

CONFIRM - http://www.vmware.com/download/esx/esx-254-200610-patch.html

CONFIRM - http://www.vmware.com/download/esx/esx-213-200610-patch.html

CONFIRM - http://www.vmware.com/download/esx/esx-202-200610-patch.html

UBUNTU - USN-302-1

BUGTRAQ - 20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2

BUGTRAQ - 20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1

BUGTRAQ - 20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2

BUGTRAQ - 20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4

REDHAT - RHSA-2006:0710

REDHAT - RHSA-2006:0689

REDHAT - RHSA-2006:0580

REDHAT - RHSA-2006:0579

OSVDB - 25139

MANDRIVA - MDKSA-2006:086

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2006-249.htm

SECUNIA - 23064

SECUNIA - 22945

SECUNIA - 22875

SECUNIA - 22497

SECUNIA - 22292

SECUNIA - 21035

SECUNIA - 20716

SECUNIA - 20157


Last Updated: 27 May 2016 10:42:19