Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2005-0400 | First vendor Publication | 2005-05-02 |
| Vendor | Cve | Last vendor Modification | 2024-11-20 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:P/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 2.1 | Attack Range | Local |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0400 |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:10336 | |||
| Oval ID: | oval:org.mitre.oval:def:10336 | ||
| Title: | The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761. | ||
| Description: | The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2005-0400 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2009-10-10 | Name : SLES9: Security update for kernel File : nvt/sles9p5009598.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 15115 | Linux Kernel ext2 Directory Creation Arbitrary Memory Disclosure The Linux kernel EXT2 filesystem contains a flaw that may lead to an unauthorized information disclosure. The problem is that the 'ext2_make_empty()' function does not properly clear filesystem contents when creating a directory and the block written to store the '.' and '..' directory entries remains uninitialized. Up to 4,072 bytes of kernel memory may be leaked on each directory creation, which may allow a malicious user to disclose sensitive kernel memory contents resulting in a loss of confidentiality. |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2006-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-366.nasl - Type : ACT_GATHER_INFO |
| 2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-663.nasl - Type : ACT_GATHER_INFO |
| 2006-02-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2006-0191.nasl - Type : ACT_GATHER_INFO |
| 2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-103-1.nasl - Type : ACT_GATHER_INFO |
| 2005-10-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-663.nasl - Type : ACT_GATHER_INFO |
| 2005-09-12 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-313.nasl - Type : ACT_GATHER_INFO |
| 2005-07-01 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-110.nasl - Type : ACT_GATHER_INFO |
| 2005-07-01 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-111.nasl - Type : ACT_GATHER_INFO |
| 2005-06-10 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_029.nasl - Type : ACT_GATHER_INFO |
| 2005-05-19 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-262.nasl - Type : ACT_GATHER_INFO |
| 2005-04-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-366.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:22:19 |
|
| 2024-11-28 12:06:46 |
|
| 2024-08-02 12:03:09 |
|
| 2024-08-02 01:01:38 |
|
| 2024-02-02 01:02:54 |
|
| 2024-02-01 12:01:39 |
|
| 2023-09-05 12:02:45 |
|
| 2023-09-05 01:01:30 |
|
| 2023-09-02 12:02:46 |
|
| 2023-09-02 01:01:30 |
|
| 2023-08-12 12:03:20 |
|
| 2023-08-12 01:01:31 |
|
| 2023-08-11 12:02:53 |
|
| 2023-08-11 01:01:33 |
|
| 2023-08-06 12:02:40 |
|
| 2023-08-06 01:01:31 |
|
| 2023-08-04 12:02:44 |
|
| 2023-08-04 01:01:32 |
|
| 2023-07-14 12:02:43 |
|
| 2023-07-14 01:01:32 |
|
| 2023-03-29 01:02:48 |
|
| 2023-03-28 12:01:37 |
|
| 2022-10-11 12:02:26 |
|
| 2022-10-11 01:01:24 |
|
| 2022-03-11 01:02:15 |
|
| 2021-05-04 12:02:47 |
|
| 2021-04-22 01:02:59 |
|
| 2020-08-08 01:01:24 |
|
| 2020-07-30 01:01:25 |
|
| 2020-05-23 01:36:29 |
|
| 2020-05-23 00:16:21 |
|
| 2019-01-25 12:01:27 |
|
| 2018-10-30 12:01:36 |
|
| 2018-10-04 00:19:24 |
|
| 2017-10-11 09:23:28 |
|
| 2017-07-11 12:01:50 |
|
| 2016-10-18 12:01:35 |
|
| 2016-08-05 12:00:56 |
|
| 2016-06-28 23:50:07 |
|
| 2016-06-28 15:14:47 |
|
| 2016-04-26 13:17:18 |
|
| 2014-02-17 10:30:06 |
|
| 2013-05-11 11:21:13 |
|
