Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2007-1000

Published: 12/03/2007 Updated: 11/10/2017
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 725
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Linux Kernel

Vulnerability Summary

The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel prior to 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Ubuntu Security Notice: linux-source-2.6.17 vulnerabilities
The compat_sys_mount function allowed local users to cause a denial of service when mounting a smbfs filesystem in compatibility mode (CVE-2006-7203) ...
Ubuntu Security Notice: linux-source-2.6.15 vulnerability
A flaw was discovered in dvb ULE decapsulation A remote attacker could send a specially crafted message and cause a denial of service (CVE-2006-4623) ...

Exploits

Exploit DB: Linux Kernel < 2.6.20.2 - 'IPv6_Getsockopt_Sticky' Memory Leak
/* * Linux Kernel IPV6_Getsockopt_Sticky Memory Leak Proof Of Concept * dreyer 07-2007 * Osu, Tatakae, Sexy Pandas! * * Dumps to stdout the memory mapped between INI and END * * CVE: CVE-2007-1000 BID: 22904 * * Affected: Linux Kernel &lt; 26202 * * bugzillakernelorg/show_bugcgi?id=8134 * * Exploitation based on null ...
Exploit DB: linux-26202.txt
Linux kernel IPV6_Getsockopt_Sticky memory leak proof of concept exploit This affects versions below 26202 ...

References

NVD-CWE-Otherhttp://bugzilla.kernel.org/show_bug.cgi?id=8134http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.2http://www.securityfocus.com/bid/22904http://fedoranews.org/cms/node/2787http://fedoranews.org/cms/node/2788http://www.kb.cert.org/vuls/id/920689http://www.osvdb.org/33025http://secunia.com/advisories/24518http://secunia.com/advisories/24777https://issues.rpath.com/browse/RPL-1153http://secunia.com/advisories/24901http://www.redhat.com/support/errata/RHSA-2007-0169.htmlhttp://secunia.com/advisories/25080http://lists.suse.com/archive/suse-security-announce/2007-May/0001.htmlhttp://secunia.com/advisories/25099http://www.securityfocus.com/archive/1/471457http://www.wslabi.com/wabisabilabi/initPublishedBid.do?http://www.mandriva.com/security/advisories?name=MDKSA-2007:078http://www.ubuntu.com/usn/usn-486-1http://www.ubuntu.com/usn/usn-489-1http://secunia.com/advisories/25691http://secunia.com/advisories/24493http://secunia.com/advisories/26133http://secunia.com/advisories/26139http://www.vupen.com/english/advisories/2007/0907https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10015https://nvd.nist.govhttps://usn.ubuntu.com/486-1/https://www.exploit-db.com/exploits/4172/https://www.kb.cert.org/vuls/id/920689
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400CVE-2023-7252CVE-2024-21111denial of serviceCVE-2024-29661CVE-2024-22856remote attackersencryptionCVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook