CVE-2007-1730

Published: 28/03/2007 Updated: 16/10/2018
CVSS v2 Base Score: 6.6 | Impact Score: 9.2 | Exploitability Score: 3.9
VMScore: 670
Vector: AV:L/AC:L/Au:N/C:C/I:N/A:C

Vulnerability Summary

Integer signedness error in the DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later allows local users to read kernel memory or cause a denial of service (oops) via a negative optlen value.
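The bug class named in the summary, as an added user-space example (not the kernel's code or its actual fix, and not from the original page): a signed length compared against `sizeof` passes the check when it is negative. The function names and the option value are hypothetical.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a value a handler would return to the caller. */
static const int option_value = 42;

/* Flawed length check: len is a signed int, sizeof(int) is a size_t.
 * The usual arithmetic conversions turn a negative len into a huge
 * unsigned value, so "too short" is never detected for it. */
static int length_check_flawed(int len)
{
    if (len < sizeof(int))
        return -EINVAL;
    return 0; /* accepted, even when len is negative */
}

/* Hardened model of a getsockopt-style handler: reject negative lengths
 * first, compare in one domain, and copy a fixed, bounded size. */
static int getsockopt_hardened(void *optval, int *optlen)
{
    int len = *optlen;

    if (len < 0 || (size_t)len < sizeof(int))
        return -EINVAL;
    memcpy(optval, &option_value, sizeof(int));
    *optlen = (int)sizeof(int); /* report what was actually written */
    return 0;
}

int main(void)
{
    int out = 0, len = -1;

    printf("flawed check, len=-1:   %d\n", length_check_flawed(-1));
    printf("flawed check, len=2:    %d\n", length_check_flawed(2));
    printf("hardened,     len=-1:   %d\n", getsockopt_hardened(&out, &len));
    len = 16;
    printf("hardened,     len=16:   %d (value %d, optlen %d)\n",
           getsockopt_hardened(&out, &len), out, len);
    return 0;
}
```

Building with `-Wsign-compare` (part of `-Wextra` for C in GCC) flags the comparison in the flawed check.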

Vulnerable Product

linux linux kernel 2.6.20

linux linux kernel 2.6.20.1

linux linux kernel 2.6.20.2

Vendor Advisories

Philipp Richter discovered that the AppleTalk protocol handler did not sufficiently verify the length of packets. By sending a crafted AppleTalk packet, a remote attacker could exploit this to crash the kernel (CVE-2007-1357) ...

Exploits

/* Linux Kernel DCCP Memory Disclosure Vulnerability
   Synopsis: The Linux kernel is susceptible to a locally exploitable flaw which may allow local users to steal data from the kernel memory.
   Vulnerable Systems: Linux Kernel Versions: >= 2.6.20 with DCCP support enabled.
   Kernel versions <2.6.20 lack DCCP_SOCKOPT_SEND_CSCOV/DCCP_SOCKOP ...
#include <netinet/in.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <net/if.h>
#include <sys/mman.h>
#include <linux/net.h>
#define BUFSIZE 0x10000000
int main(int argc, char *argv[]) { void *mem = mmap(0, BUFSIZE, PROT_READ | PROT_WRITE, MAP_ANONYMOUS | M ...