Computer Security
[EN] securityvulns.ru no-pyccku


Array overflow in Linux kernel
Published:25.05.2007
Source:
SecurityVulns ID:7747
Type:library
Threat Level:
6/10
Description:DecNET dn_fib_props() and TCP/IP fib_props() functions array index overflow.
Affected:LINUX : kernel 2.6
CVE:CVE-2007-2172 (A typo in Linux kernel 2.6 before 2.6.21-rc6 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, IPv4) functions.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1297-1] New gforge-plugin-scmcvs packages fix arbitrary shell command execution (25.05.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod