PT-2004-3755 · Debian+2 · Debian+2

Publicado

1970-01-01

·

Atualizado

2020-08-12

·

CVE-2007-6206

CVSS v2.0

7.8

Alta

VetorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Debian GNU/Linux kernel-image-2.4.27-4-itanium version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-k7-smp version 2.4.27-4 Red Hat Enterprise Linux kernel-doc-2.4.9 version 2.4.9 Debian GNU/Linux kernel-headers-2.4.27-4-itanium-smp version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-sparc64 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-s390 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-686-smp version 2.4.27-4 Red Hat Enterprise Linux kernel-BOOT-2.4.9 version 2.4.9 Debian GNU/Linux hostap-modules-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-s390-tape version 2.4.27-4 Red Hat Enterprise Linux kernel-smp-2.4.18 version 2.4.18 Debian GNU/Linux i2c-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-sparc64-smp version 2.4.27-4 Debian GNU/Linux kernel-build-2.4.27-4 version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-386 version 2.4.27-4 Red Hat Enterprise Linux kernel-source-2.4.18 version 2.4.18 Red Hat Enterprise Linux kernel-debug-2.4.9 version 2.4.9 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-686-smp version 2.4.27-4 Red Hat Enterprise Linux kernel-headers-2.4.9 version 2.4.9 Debian GNU/Linux kernel-image-2.4.27-4-generic version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-mckinley version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-686-smp version 2.4.27-4 Red Hat Enterprise Linux kernel-summit-2.4.9 version 2.4.9 Debian GNU/Linux lm-sensors-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-sparc64 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-sparc32 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-mckinley-smp version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-itanium-smp version 2.4.27-4 Red Hat Enterprise Linux kernel-doc-2.4.18 version 2.4.18 Debian GNU/Linux kernel-image-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-mckinley-smp version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-smp version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-generic version 2.4.27-4 Red Hat Enterprise Linux kernel-smp-2.4.9 version 2.4.9 Debian GNU/Linux kernel-headers-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-s390x version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-k7-smp version 2.4.27-4 Red Hat Enterprise Linux kernel-2.4.9 version 2.4.9 Debian GNU/Linux kernel-headers-2.4.27-4-mckinley version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-k7 version 2.4.27-4 Red Hat Enterprise Linux kernel-enterprise-2.4.9 version 2.4.9 Debian GNU/Linux kernel-image-2.4.27-4-sparc64-smp version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-k7 version 2.4.27-4 Red Hat Enterprise Linux kernel-2.4.18 version 2.4.18 Debian GNU/Linux kernel-headers-2.4.27-4-itanium version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-sparc32 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-sparc32-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-k6 version 2.4.27-4 Red Hat Enterprise Linux kernel-source-2.4.9 version 2.4.9 Debian GNU/Linux i2c-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-sparc32-smp version 2.4.27-4
Description The issue is related to multiple vulnerabilities in various Linux kernel packages, which can lead to disruption of protected information. These vulnerabilities can be exploited remotely. The do coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264CWE-189CWE-399CWE-200

Identificadores relacionados

BDU:2015-03581
BDU:2015-03582
BDU:2015-03583
BDU:2015-03584
BDU:2015-03585
BDU:2015-03586
BDU:2015-03587
BDU:2015-03588
BDU:2015-03589
BDU:2015-03590
BDU:2015-03591
BDU:2015-03592
BDU:2015-03593
BDU:2015-03594
BDU:2015-03595
BDU:2015-03596
BDU:2015-03597
BDU:2015-03598
BDU:2015-03599
BDU:2015-03600
BDU:2015-03601
BDU:2015-03602
BDU:2015-03603
BDU:2015-03604
BDU:2015-03605
BDU:2015-03606
BDU:2015-03607
BDU:2015-03608
BDU:2015-03609
BDU:2015-03610
BDU:2015-03611
BDU:2015-03612
BDU:2015-03613
BDU:2015-03614
BDU:2015-03615
BDU:2015-03616
BDU:2015-03617
BDU:2015-03618
BDU:2015-03619
BDU:2015-03620
BDU:2015-03621
BDU:2015-03622
BDU:2015-03623
BDU:2015-03624
BDU:2015-03625
BDU:2015-03626
BDU:2015-03627
BDU:2015-03628
BDU:2015-03629
BDU:2015-03630
BDU:2015-03631
BDU:2015-03632
BDU:2015-03633
BDU:2015-03634
BDU:2015-03635
BDU:2015-03636
BDU:2015-03637
BDU:2015-03638
BDU:2015-03639
BDU:2015-03640
BDU:2015-03641
BDU:2015-03642
BDU:2015-03643
BDU:2015-03644
BDU:2015-03645
BDU:2015-03646
BDU:2015-03647
BDU:2015-03648
BDU:2015-03649
BDU:2015-03650
BDU:2015-03651
BDU:2015-03652
BDU:2015-03653
BDU:2015-03654
BDU:2015-06237
BDU:2015-06238
BDU:2015-06242
BDU:2015-06244
BDU:2015-06253
BDU:2015-06254
BDU:2015-06257
BDU:2015-06259
BDU:2015-06268
BDU:2015-06269
BDU:2015-06272
BDU:2015-06273
BDU:2015-06274
CVE-2007-6206
DSA-1436-1
DSA-1503-1
DSA-1503-2
DSA-1504-1
RHSA-2008:0055
RHSA-2008:0089
RHSA-2008:0211
RHSA-2008:0787
RHSA-2008_0055
RHSA-2008_0089
RHSA-2009:0001

Produtos afetados

Debian
Linux
Red Hat