This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Detail | |||
|---|---|---|---|
| Vendor | Novell | First view | 2005-05-02 |
| Product | Linux Desktop | Last view | 2009-11-04 |
| Version | 9 | Type | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:* | 11 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7 | 2009-11-04 | CVE-2009-3547 | Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname. |
| 5.9 | 2009-08-18 | CVE-2009-2848 | The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit. |
| 9.3 | 2008-11-13 | CVE-2008-5021 | nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory. |
| 5.5 | 2008-09-04 | CVE-2007-6716 | fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test. |
| 7.8 | 2008-07-08 | CVE-2008-2812 | The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/. |
| 10 | 2006-02-27 | CVE-2006-0736 | Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors. |
| 2.1 | 2005-08-05 | CVE-2005-1767 | traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception). |
| 2.1 | 2005-08-05 | CVE-2005-1761 | Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function. |
| 7.2 | 2005-06-09 | CVE-2005-1763 | Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory. |
| 2.1 | 2005-05-02 | CVE-2005-1065 | tetex in Novell Linux Desktop 9 allows local users to determine the existence of arbitrary files via a symlink attack in the /var/cache/fonts directory. |
| 7.2 | 2005-05-02 | CVE-2005-1040 | Multiple unknown vulnerabilities in netapplet in Novell Linux Desktop 9 allow local users to gain root privileges, related to "User input [being] passed to network scripts without verification." |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 28% (2) | CWE-476 | NULL Pointer Dereference |
| 28% (2) | CWE-362 | Race Condition |
| 14% (1) | CWE-672 | Operation on a Resource after Expiration or Release |
| 14% (1) | CWE-269 | Improper Privilege Management |
| 14% (1) | CWE-20 | Improper Input Validation |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-26 | Leveraging Race Conditions |
| CAPEC-29 | Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions |
| CAPEC-172 | Time and State Attacks |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:10487 | Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause... |
| oval:org.mitre.oval:def:10182 | Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows... |
| oval:org.mitre.oval:def:11101 | traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on ... |
| oval:org.mitre.oval:def:6633 | Linux Kernel TTY Operations NULL Pointer Dereference Denial of Service Vulner... |
| oval:org.mitre.oval:def:11632 | The Linux kernel before 2.6.25.10 does not properly perform tty operations, w... |
| oval:org.mitre.oval:def:22645 | ELSA-2008:0612: kernel security and bug fix update (Important) |
| oval:org.mitre.oval:def:28983 | RHSA-2008:0612 -- kernel security and bug fix update (Important) |
| oval:org.mitre.oval:def:10053 | fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does no... |
| oval:org.mitre.oval:def:9642 | nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thun... |
| oval:org.mitre.oval:def:9766 | The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, doe... |
| oval:org.mitre.oval:def:8598 | VMware kernel execve function vulnerability |
| oval:org.mitre.oval:def:11412 | Service Console update for COS kernel |
| oval:org.mitre.oval:def:21973 | ELSA-2009:1243: Oracle Linux 5.x.4 kernel security and bug fix update (Import... |
| oval:org.mitre.oval:def:29153 | RHSA-2009:1243 -- Red Hat Enterprise Linux 5.4 kernel security and bug fix up... |
| oval:org.mitre.oval:def:9327 | Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 a... |
| oval:org.mitre.oval:def:7608 | Linux Kernel 'pipe.c' Local Privilege Escalation Vulnerability |
| oval:org.mitre.oval:def:11513 | Service Console update for COS kernel |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 59654 | Linux Kernel fs/pipe.c Multiple Function Locking Error NULL Dereference Local... |
| 57264 | Linux Kernel execve Function current->clear_child_tid Pointer Handling Loc... |
| 50179 | Mozilla Multiple Products nsFrameManager File Input Element Modification Blur... |
| 48466 | Linux Kernel dio Subsystem fs/direct-io.c Local DoS |
| 46926 | Linux Kernel drivers/net/wireless/strip.c TTY Operations Function Pointers NU... |
| 46925 | Linux Kernel drivers/net/wan/x25_asy.c TTY Operations Function Pointers NULL ... |
| 46924 | Linux Kernel drivers/net/slip.c TTY Operations Function Pointers NULL Derefer... |
| 46923 | Linux Kernel drivers/net/ppp_synctty.c TTY Operations Function Pointers NULL ... |
| 46922 | Linux Kernel drivers/net/ppp_async.c TTY Operations Function Pointers NULL De... |
| 46921 | Linux Kernel drivers/net/irda/irtty-sir.c TTY Operations Function Pointers NU... |
| 46920 | Linux Kernel drivers/net/hamradio/mkiss.c TTY Operations Function Pointers NU... |
| 46918 | Linux Kernel drivers/net/hamradio/6pack.c TTY Operations Function Pointers NU... |
| 23403 | SuSE Linux CASA pam_micasa Remote Overflow |
| 18702 | SuSE Linux Kernel Unspecified Stack Fault Exception Local DoS |
| 17546 | Linux Kernel on 64Bit ptrace Function Local Overflow |
| 17479 | Linux Kernel ptrace / restore_sigcontext ar.rsc Access Issue |
| 16633 | netapplet on Novell Linux Unspecified Local Privilege Escalation |
| 16632 | tetex on Novell Linux fonts Directory Symlink File Enumeration |
OpenVAS Exploits
This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2012-04-16 | Name : VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates File : nvt/gb_VMSA-2010-0009.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2009:1243 centos5 i386 File : nvt/gb_CESA-2009_1243_kernel_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2009:1438 centos4 i386 File : nvt/gb_CESA-2009_1438_kernel_centos4_i386.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2009:1541 centos4 i386 File : nvt/gb_CESA-2009_1541_kernel_centos4_i386.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2009:1548 centos5 i386 File : nvt/gb_CESA-2009_1548_kernel_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2009:1550 centos3 i386 File : nvt/gb_CESA-2009_1550_kernel_centos3_i386.nasl |
| 2010-03-02 | Name : Fedora Update for kernel FEDORA-2010-0919 File : nvt/gb_fedora_2010_0919_kernel_fc11.nasl |
| 2010-03-02 | Name : Fedora Update for kernel FEDORA-2010-1500 File : nvt/gb_fedora_2010_1500_kernel_fc11.nasl |
| 2010-03-02 | Name : Fedora Update for kernel FEDORA-2010-1804 File : nvt/gb_fedora_2010_1804_kernel_fc11.nasl |
| 2010-02-19 | Name : SuSE Update for kernel SUSE-SA:2010:012 File : nvt/gb_suse_2010_012.nasl |
| 2010-01-15 | Name : SuSE Update for kernel SUSE-SA:2010:001 File : nvt/gb_suse_2010_001.nasl |
| 2009-12-30 | Name : Fedora Core 11 FEDORA-2009-13694 (kernel) File : nvt/fcore_2009_13694.nasl |
| 2009-12-14 | Name : Fedora Core 10 FEDORA-2009-13098 (kernel) File : nvt/fcore_2009_13098.nasl |
| 2009-12-10 | Name : Fedora Core 11 FEDORA-2009-12786 (kernel) File : nvt/fcore_2009_12786.nasl |
| 2009-12-10 | Name : SuSE Security Advisory SUSE-SA:2009:060 (kernel) File : nvt/suse_sa_2009_060.nasl |
| 2009-12-03 | Name : SLES11: Security update for Linux kernel File : nvt/sles11_ext4dev-kmp-def4.nasl |
| 2009-11-23 | Name : Mandriva Security Advisory MDVSA-2009:301 (kernel) File : nvt/mdksa_2009_301.nasl |
| 2009-11-17 | Name : SLES10: Security update for Linux kernel File : nvt/sles10_kernel9.nasl |
| 2009-11-17 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5062456.nasl |
| 2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1540 File : nvt/RHSA_2009_1540.nasl |
| 2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1541 File : nvt/RHSA_2009_1541.nasl |
| 2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1548 File : nvt/RHSA_2009_1548.nasl |
| 2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1550 File : nvt/RHSA_2009_1550.nasl |
| 2009-11-11 | Name : Debian Security Advisory DSA 1927-1 (linux-2.6) File : nvt/deb_1927_1.nasl |
| 2009-11-11 | Name : Debian Security Advisory DSA 1928-1 (linux-2.6.24) File : nvt/deb_1928_1.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2009-A-0105 | Multiple Vulnerabilities in VMware Products Severity: Category I - VMSKEY: V0021867 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2016-10-25 | Mozilla Firefox file type memory corruption attempt RuleID : 40280 - Type : BROWSER-FIREFOX - Revision : 1 |
| 2014-01-10 | Mozilla Firefox file type memory corruption attempt RuleID : 17603 - Type : BROWSER-FIREFOX - Revision : 10 |
Nessus® Vulnerability Scanner
This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2016-03-08 | Name: The remote VMware ESX host is missing a security-related patch. File: vmware_VMSA-2010-0004_remote.nasl - Type: ACT_GATHER_INFO |
| 2016-03-08 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2010-0009_remote.nasl - Type: ACT_GATHER_INFO |
| 2016-03-03 | Name: The remote host is missing a security-related patch. File: vmware_VMSA-2009-0014_remote.nasl - Type: ACT_GATHER_INFO |
| 2016-03-03 | Name: The remote host is missing a security-related patch. File: vmware_VMSA-2009-0016_remote.nasl - Type: ACT_GATHER_INFO |
| 2014-11-26 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2008-2005.nasl - Type: ACT_GATHER_INFO |
| 2014-11-26 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2008-2006.nasl - Type: ACT_GATHER_INFO |
| 2014-11-26 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2009-0033.nasl - Type: ACT_GATHER_INFO |
| 2014-11-26 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2013-0039.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2008-0612.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2008-0885.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2008-0972.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2008-0973.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing a security update. File: oraclelinux_ELSA-2008-0976.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2008-0977.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2008-0978.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2009-1438.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2009-1541.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2009-1548.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2009-1550.nasl - Type: ACT_GATHER_INFO |
| 2013-06-29 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2009-1541.nasl - Type: ACT_GATHER_INFO |
| 2013-06-29 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2009-1548.nasl - Type: ACT_GATHER_INFO |
| 2013-06-29 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2009-1550.nasl - Type: ACT_GATHER_INFO |
| 2013-03-06 | Name: The remote Scientific Linux host is missing one or more security updates. File: sl_20091103_kernel_on_SL5_x.nasl - Type: ACT_GATHER_INFO |
| 2013-01-24 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2009-1466.nasl - Type: ACT_GATHER_INFO |
| 2013-01-24 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2009-1587.nasl - Type: ACT_GATHER_INFO |
