Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
2.1
CVSSv2

CVE-2006-1343

Published: 21/03/2006 Updated: 07/11/2023
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Linux Kernel

Vulnerability Summary

net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGINAL_DST, which allows local users to obtain portions of potentially sensitive memory.

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel 2.6.0

linux linux kernel 2.4.0

Vendor Advisories

Ubuntu Security Notice: linux-source-2.6.10, linux-source-2.6.12 vulnerabilities
The sys_mbind() function did not properly verify the validity of the ‘maxnod’ argument A local user could exploit this to trigger a buffer overflow, which caused a kernel crash (CVE-2006-0557) ...
Debian Security Advisories: DSA-1184-2 kernel-source-2.6.8 -- several vulnerabilities
This advisory covers the S/390 components of the recent security update for the Linux 268 kernel that were missing due to technical problems For reference, please see the text of the original advisory Several security related problems have been discovered in the Linux kernel which may lead to a denial of service or even the execution of arbitr ...

References

NVD-CWE-Otherhttp://www.redhat.com/support/errata/RHSA-2006-0437.htmlhttp://www.vupen.com/english/advisories/2006/4502http://www.securityfocus.com/archive/1/435490/100/0/threadedhttp://www.redhat.com/support/errata/RHSA-2006-0579.htmlhttps://usn.ubuntu.com/281-1/http://www.osvdb.org/29841http://secunia.com/advisories/22875http://secunia.com/advisories/21136http://www.mandriva.com/security/advisories?name=MDKSA-2006:150http://www.vmware.com/download/esx/esx-202-200610-patch.htmlhttp://www.trustix.org/errata/2006/0032/http://www.mandriva.com/security/advisories?name=MDKSA-2006:123http://www.securityfocus.com/archive/1/451426/100/200/threadedhttp://secunia.com/advisories/21983http://www.vmware.com/download/esx/esx-213-200610-patch.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/25425http://www.debian.org/security/2006/dsa-1097http://www.redhat.com/support/errata/RHSA-2006-0575.htmlhttp://secunia.com/advisories/19955https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10875http://www.redhat.com/support/errata/RHSA-2006-0580.htmlhttp://support.avaya.com/elmodocs2/security/ASA-2006-180.htmhttp://www.vmware.com/download/esx/esx-254-200610-patch.htmlhttp://secunia.com/advisories/19357http://secunia.com/advisories/21465http://www.securityfocus.com/archive/1/451404/100/0/threadedhttp://secunia.com/advisories/21045http://support.avaya.com/elmodocs2/security/ASA-2006-200.htmhttp://www.securityfocus.com/archive/1/451417/100/200/threadedhttp://secunia.com/advisories/22417http://www.securityfocus.com/bid/17203http://secunia.com/advisories/22093http://secunia.com/advisories/20671http://www.vupen.com/english/advisories/2006/2071http://www.securityfocus.com/archive/1/451419/100/200/threadedhttp://www.debian.org/security/2006/dsa-1184http://marc.info/?l=linux-netdev&m=114148078223594&w=2https://usn.ubuntu.com/281-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionfirmwareCVE-2006-4304CVE-2024-32878CVE-2024-31502XSSCVE-2024-3059CVE-2024-33692CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook