This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/o:linux:linux_kernel:2.6.17.1 |
| Detail | |||
|---|---|---|---|
| Vendor | Linux | First view | 2006-06-30 |
| Product | Linux Kernel | Last view | 2013-03-01 |
| Version | 2.6.17.1 | Type | Os |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/o:linux:linux_kernel | ||
Activity : Yearly
Related : CVE
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 4 | 2013-03-01 | CVE-2011-3638 | Local | High | None Requ... | |
| 4.9 | 2013-03-01 | CVE-2011-2491 | Local | Low | None Requ... | |
| 4.9 | 2013-03-01 | CVE-2011-2479 | Local | Low | None Requ... | |
| 3.6 | 2013-03-01 | CVE-2011-1182 | Local | Low | None Requ... | |
| 1.9 | 2013-03-01 | CVE-2011-1019 | Local | Medium | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 5.4 | 2012-10-03 | CVE-2012-3552 | Network | High | None Requ... | |
| 5.6 | 2012-10-03 | CVE-2012-3510 | Local | Low | None Requ... | |
| 5 | 2012-06-16 | CVE-2012-1583 | Network | Low | None Requ... | |
| 4.9 | 2012-05-24 | CVE-2011-4081 | Local | Low | None Requ... | |
| 4 | 2012-05-24 | CVE-2011-4080 | Local | High | None Requ... | |
| 5.4 | 2012-05-24 | CVE-2011-3363 | Network | High | None Requ... | |
| 5.4 | 2012-05-24 | CVE-2011-3359 | Network | High | None Requ... | |
| 4.9 | 2012-05-24 | CVE-2011-3353 | Local | Low | None Requ... | |
| 10 | 2012-05-24 | CVE-2011-3191 | Network | Low | None Requ... | |
| 6.8 | 2012-05-24 | CVE-2011-3188 | Network | Medium | None Requ... | |
| 4.9 | 2012-05-24 | CVE-2011-2918 | Local | Low | None Requ... | |
| 4.9 | 2012-05-24 | CVE-2011-2906 | Local | Low | None Requ... | |
| 4.9 | 2012-05-24 | CVE-2011-2898 | Local | Low | None Requ... | |
| 4.9 | 2012-05-24 | CVE-2011-2707 | Local | Low | None Requ... | |
| 7.8 | 2012-05-24 | CVE-2011-2699 | Network | Low | None Requ... | |
| 4.9 | 2012-05-24 | CVE-2011-2521 | Local | Low | None Requ... | |
| 4.9 | 2012-05-24 | CVE-2011-2518 | Local | Low | None Requ... | |
| 7.2 | 2012-05-24 | CVE-2011-2517 | Local | Low | None Requ... | |
| 10 | 2012-05-17 | CVE-2012-1146 | Network | Low | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 23% (69) | CWE-399 | Resource Management Errors |
| 15% (46) | CWE-189 | Numeric Errors |
| 13% (40) | CWE-20 | Improper Input Validation |
| 12% (37) | CWE-200 | Information Exposure |
| 12% (37) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| % | id | Name |
|---|---|---|
| 11% (33) | CWE-264 | Permissions, Privileges, and Access Controls |
| 5% (15) | CWE-362 | Race Condition |
| 2% (6) | CWE-16 | Configuration |
| 0% (2) | CWE-310 | Cryptographic Issues |
| 0% (2) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 0% (1) | CWE-287 | Improper Authentication |
CAPEC : Common Attack Pattern Enumeration & Classificatio
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Name |
|---|---|
| CAPEC-1 | Accessing Functionality Not Properly Constrained by ACLs |
| CAPEC-3 | Using Leading 'Ghost' Character Sequences to Bypass Input Filters |
| CAPEC-7 | Blind SQL Injection |
| CAPEC-8 | Buffer Overflow in an API Call |
| CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
| id | Name |
|---|---|
| CAPEC-10 | Buffer Overflow via Environment Variables |
| CAPEC-13 | Subverting Environment Variable Values |
| CAPEC-14 | Client-side Injection-induced Buffer Overflow |
| CAPEC-17 | Accessing, Modifying or Executing Executable Files |
| CAPEC-18 | Embedding Scripts in Nonscript Elements |
| CAPEC-22 | Exploiting Trust in Client (aka Make the Client Invisible) |
| CAPEC-24 | Filter Failure through Buffer Overflow |
| CAPEC-28 | Fuzzing |
| CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
| CAPEC-32 | Embedding Scripts in HTTP Query Strings |
| CAPEC-42 | MIME Conversion |
| CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
| CAPEC-45 | Buffer Overflow via Symbolic Links |
| CAPEC-46 | Overflow Variables and Tags |
| CAPEC-47 | Buffer Overflow via Parameter Expansion |
| CAPEC-52 | Embedding NULL Bytes |
| CAPEC-53 | Postfix, Null Terminate, and Backslash |
| CAPEC-59 | Session Credential Falsification through Prediction |
| CAPEC-60 | Reusing Session IDs (aka Session Replay) |
| CAPEC-61 | Session Fixation |
Oval Markup Language : Definitions
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:11336 | The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17... |
| oval:org.mitre.oval:def:10932 | SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kernel 2.6.... |
| oval:org.mitre.oval:def:9809 | Linux kernel 2.6.x, when using both NFS and EXT3, allows remote attackers to ... |
| oval:org.mitre.oval:def:10060 | Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gai... |
| oval:org.mitre.oval:def:11250 | The perfmonctl system call (sys_perfmonctl) in Linux kernel 2.4.x and 2.6 bef... |
| id | Name |
|---|---|
| oval:org.mitre.oval:def:10706 | Unspecified vulnerability in the sctp_make_abort_user function in the SCTP im... |
| oval:org.mitre.oval:def:10388 | The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel... |
| oval:org.mitre.oval:def:9885 | The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.... |
| oval:org.mitre.oval:def:9311 | The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in Linux kerne... |
| oval:org.mitre.oval:def:10151 | Integer overflow in the get_fdb_entries function in net/bridge/br_ioctl.c in ... |
| oval:org.mitre.oval:def:10111 | Race condition in the __find_get_block_slow function in the ISO9660 filesyste... |
| oval:org.mitre.oval:def:10588 | The zlib_inflate function in Linux kernel 2.6.x allows local users to cause a... |
| oval:org.mitre.oval:def:10992 | The ext3fs_dirhash function in Linux kernel 2.6.x allows local users to cause... |
| oval:org.mitre.oval:def:10006 | The ext2 file system code in Linux kernel 2.6.x allows local users to cause a... |
| oval:org.mitre.oval:def:9949 | Linux kernel 2.6.x up to 2.6.18 and possibly other versions, when SELinux hoo... |
| oval:org.mitre.oval:def:10891 | Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetoo... |
| oval:org.mitre.oval:def:10343 | Linux kernel 2.6.x before 2.6.20 allows local users to read unreadable binari... |
| oval:org.mitre.oval:def:10503 | Buffer overflow in the bufprint function in capiutil.c in libcapi, as used in... |
| oval:org.mitre.oval:def:11509 | The do_ipv6_setsockopt function in net/ipv6/ipv6_sockglue.c in Linux kernel b... |
| oval:org.mitre.oval:def:10130 | net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copi... |
| oval:org.mitre.oval:def:11616 | The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel before ... |
| oval:org.mitre.oval:def:9960 | The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x ... |
| oval:org.mitre.oval:def:10116 | The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_p... |
| oval:org.mitre.oval:def:9936 | The signal handling in the Linux kernel before 2.6.22, including 2.6.2, when ... |
| oval:org.mitre.oval:def:10494 | The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel ... |
Open Source Vulnerability Database (OSVDB)
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 78302 | Linux Kernel m_stop() Implementation Local DoS |
| 78301 | Linux Kernel NSF O_Direct Implementation Local DoS |
| 78226 | Linux Kernel fs/xfs/xfs_acl.c xfs_acl_from_disk() Function Memory Corruption |
| 78225 | Linux Kernel net/ipv4/igmp.c igmp_heard_query() Function IGMP Query Parsing R... |
| 77485 | Linux Kernel /mm/oom_kill.c Local Overflow |
| id | Description |
|---|---|
| 77360 | Linux Kernel TX_SKB_SHARING Local DoS |
| 77295 | Linux Kernel UFO IPv6 UDP Datagram Parsing Remote DoS |
| 77293 | Linux Kernel b43 Driver Wireless Interface Frame Parsing Remote DoS |
| 76805 | Linux Kernel net/core/net_namespace.c Network Namespace Cleanup Weakness Remo... |
| 76666 | Linux Kernel ext4 Extent Splitting BUG_ON() Local DoS |
| 76639 | Linux Kernel NULL Pointer Dereference ghash Algorithm Local DoS |
| 76259 | Linux Kernel fs/fuse/dev.fuse_notify_inval_entry() Function FUSE_NOTIFY_INVAL... |
| 76177 | Linux Kernel Performance Events NMI Watchdog Local DoS |
| 76176 | Linux Kernel Multiple Function Local Information Disclosure |
| 75716 | Linux Kernel Sequence Number Generation Weakness Remote Packet Injection |
| 75580 | Linux Kernel CIFS Share Mounting DIFS Referral BUG_ON() Remote DoS |
| 74910 | Linux Kernel fs/cifs/cifssmb.c CIFSFindNext() Function Signedness Error CIFS ... |
| 74881 | Linux Kernel si4713-i2c si4713_write_econtrol_string Function Radio Driver Lo... |
| 74823 | Linux Kernel fs/befs/linuxvfs.c befs_follow_link Function Be Filesystem Symli... |
| 74679 | Linux Kernel Bluetooth net/bluetooth/l2cap_core.c l2cap_config_req Function O... |
| 74678 | Linux Kernel IPv6 Fragment Identification Prediction Weakness |
| 74660 | Linux Kernel NFS Server File Locking Local DoS |
| 74658 | Linux Kernel trigger_scan / sched_scan SSID Length Handling Bypass |
| 74657 | Linux Kernel Packet Scheduler API Implementation tc_fill_qdisc() Function NUL... |
| 74654 | Linux Kernel EFI GUID Partition Table (GPT) Implementation Crafted Partition ... |
Milw0rm Exploits
| id | Description |
|---|---|
| 2009-08-26 | Linux Kernel <= 2.6.30 atalk_getname() 8-bytes Stack Disclosure Exploit |
| 2009-08-25 | Linux Kernel <= 2.6.31-rc7 AF_LLC getsockname 5-Byte Stack Disclosure |
| 2008-02-09 | Linux Kernel 2.6.17 - 2.6.24.1 vmsplice Local Root Exploit |
ExploitDB Exploits
| id | Description |
|---|---|
| 18378 | Linux IGMP Remote Denial Of Service (Introduced in linux-2.6.36) |
| 17787 | Linux Kernel < 2.6.36.2 Econet Privilege Escalation Exploit |
| 16973 | Linux <= 2.6.37-rc1 serial_core TIOCGICOUNT Leak Exploit |
| 16952 | Linux Kernel < 2.6.37-rc2 TCP_MAXSEG Kernel Panic DoS |
| 16263 | Linux Kernel <= 2.6.37 Local Kernel Denial of Service |
| id | Description |
|---|---|
| 15774 | Linux Kernel < 2.6.37-rc2 ACPI custom_method Privilege Escalation |
| 15704 | Linux Kernel <= 2.6.37 Local Privilege Escalation |
| 15344 | Linux Kernel VIDIOCSMICROCODE IOCTL Local Memory Overwrite Vulnerability |
| 15285 | Linux RDS Protocol Local Privilege Escalation |
| 15150 | Linux Kernel < 2.6.36-rc6 pktcdvd Kernel Memory Disclosure |
| 14814 | Linux Kernel < 2.6.36-rc1 CAN BCM Privilege Escalation Exploit |
| 14594 | Linux Kernel <= 2.6.33.3 SCTP INIT Remote DoS |
| 9575 | Linux Kernel < 2.6.19 udp_sendmsg Local Root Exploit |
| 9574 | Linux Kernel < 2.6.19 udp_sendmsg Local Root Exploit (x86/x64) |
| 9543 | Linux Kernel < 2.6.31-rc7 AF_IRDA 29-Byte Stack Disclosure Exploit |
| 9542 | Linux Kernel 2.6 < 2.6.19 (32bit) ip_append_data() ring0 Root Exploit |
| 2031 | Linux Kernel 2.6.13 <= 2.6.17.4 prctl() Local Root Exploit (logrotate) |
| 2006 | Linux Kernel 2.6.13 <= 2.6.17.4 sys_prctl() Local Root Exploit (3) |
| 2004 | Linux Kernel 2.6.13 <= 2.6.17.4 sys_prctl() Local Root Exploit |
