Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2014-1690 | First vendor Publication | 2014-02-28 |
| Vendor | Cve | Last vendor Modification | 2023-02-13 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:H/Au:N/C:P/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 2.6 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | High |
| Cvss Expoit Score | 4.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The help function in net/netfilter/nf_nat_irc.c in the Linux kernel before 3.12.8 allows remote attackers to obtain sensitive information from kernel memory by establishing an IRC DCC session in which incorrect packet data is transmitted during use of the NAT mangle feature. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1690 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-200 | Information Exposure |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:24001 | |||
| Oval ID: | oval:org.mitre.oval:def:24001 | ||
| Title: | USN-2158-1 -- linux-lts-raring vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2158-1 CVE-2013-4345 CVE-2013-6382 CVE-2014-1690 | Version: | 5 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-raring |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:27266 | |||
| Oval ID: | oval:org.mitre.oval:def:27266 | ||
| Title: | ELSA-2014-3070 -- Unbreakable Enterprise kernel security and bug fix update (important) | ||
| Description: | kernel-uek [3.8.13-44] - net: Use netlink_ns_capable to verify the permisions of netlink messages (Eric W. Biederman) [Orabug: 19404229] {CVE-2014-0181} - net: Add variants of capable for use on netlink messages (Eric W. Biederman) [Orabug: 19404229] - net: Add variants of capable for use on on sockets (Eric W. Biederman) [Orabug: 19404229] - netlink: Rename netlink_capable netlink_allowed (Eric W. Biederman) [Orabug: 19404229] - sctp: Fix sk_ack_backlog wrap-around problem (Xufeng Zhang) [Orabug: 19404238] {CVE-2014-4667} - Revert 'xen/fb: allow xenfb initialization for hvm guests' (Vaughan Cao) [Orabug: 19320529] | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014-3070 CVE-2013-2930 CVE-2013-4579 CVE-2014-1690 | Version: | 5 |
| Platform(s): | Oracle Linux 6 | Product(s): | dtrace-modules kernel-uek kernel-uek-debug kernel-uek-debug-devel kernel-uek-devel kernel-uek-doc kernel-uek-firmware |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2017-04-03 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2017-0057.nasl - Type : ACT_GATHER_INFO |
| 2014-08-23 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3070.nasl - Type : ACT_GATHER_INFO |
| 2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0439.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-375.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-376.nasl - Type : ACT_GATHER_INFO |
| 2014-04-01 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2158-1.nasl - Type : ACT_GATHER_INFO |
| 2014-03-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2137-1.nasl - Type : ACT_GATHER_INFO |
| 2014-03-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2140-1.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-03-12 12:24:12 |
|
| 2024-02-02 01:26:38 |
|
| 2024-02-01 12:07:53 |
|
| 2023-12-29 01:23:14 |
|
| 2023-11-22 01:23:05 |
|
| 2023-09-05 12:25:13 |
|
| 2023-09-05 01:07:47 |
|
| 2023-09-02 12:25:11 |
|
| 2023-09-02 01:07:54 |
|
| 2023-08-12 12:27:28 |
|
| 2023-08-12 01:07:24 |
|
| 2023-08-11 12:23:20 |
|
| 2023-08-11 01:07:35 |
|
| 2023-08-06 12:22:41 |
|
| 2023-08-06 01:07:22 |
|
| 2023-08-04 12:22:43 |
|
| 2023-08-04 01:07:26 |
|
| 2023-07-14 12:22:42 |
|
| 2023-07-14 01:07:25 |
|
| 2023-03-29 01:24:36 |
|
| 2023-03-28 12:07:46 |
|
| 2023-02-13 05:28:24 |
|
| 2022-10-11 12:20:29 |
|
| 2022-10-11 01:07:34 |
|
| 2022-03-11 01:16:53 |
|
| 2021-05-25 12:13:41 |
|
| 2021-05-04 12:31:44 |
|
| 2021-04-22 01:39:19 |
|
| 2020-09-02 17:22:56 |
|
| 2020-08-11 12:10:34 |
|
| 2020-08-08 01:10:33 |
|
| 2020-08-07 12:10:42 |
|
| 2020-08-07 01:11:11 |
|
| 2020-08-01 12:10:33 |
|
| 2020-07-30 01:11:06 |
|
| 2020-05-23 01:51:18 |
|
| 2020-05-23 00:40:05 |
|
| 2019-01-25 12:06:06 |
|
| 2018-11-17 12:04:38 |
|
| 2018-10-30 12:06:42 |
|
| 2018-08-09 12:02:43 |
|
| 2018-04-25 12:05:31 |
|
| 2017-04-04 13:20:39 |
|
| 2016-08-12 12:01:18 |
|
| 2016-06-30 21:37:33 |
|
| 2016-06-28 22:36:56 |
|
| 2016-04-27 00:17:02 |
|
| 2014-08-24 13:25:18 |
|
| 2014-07-23 13:25:02 |
|
| 2014-06-14 13:37:08 |
|
| 2014-04-19 13:24:34 |
|
| 2014-04-02 13:22:36 |
|
| 2014-03-18 13:24:14 |
|
| 2014-03-11 13:21:26 |
|
| 2014-03-01 13:22:13 |
|
| 2014-02-28 13:23:00 |
|
