CVE-2005-2555 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2005-2555
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-2555

Description: Linux kernel 2.6.x does not properly restrict socket policy access to users with the CAP_NET_ADMIN capability, which could allow local users to conduct unauthorized activities via (1) ipv4/ip_sockglue.c and (2) ipv6/ipv6_sockglue.c.

CVE Status: Candidate

References: UBUNTU http://www.ubuntulinux.org/support/documentation/usn/usn-169-1 SUSE http://www.novell.com/linux/security/advisories/2005_50_kernel.html SAID Secunia Advisory: SA19374 Secunia Advisory: SA19369 Secunia Advisory: SA17073 Secunia Advisory: SA17826 Secunia Advisory: SA17002 REDHAT http://www.redhat.com/support/errata/RHSA-2005-663.html http://www.redhat.com/support/errata/RHSA-2005-514.html MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2005:219 MANDRAKE http://frontal2.mandriva.com/security/advisories?name=MDKSA-2005:219 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2005:218 FEDORA http://www.securityfocus.com/archive/1/archive/1/427980/100/0/threaded DEBIAN http://www.debian.org/security/2006/dsa-1018 http://www.debian.org/security/2006/dsa-1017 CONFIRM http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=6fc0b4a7a73a81e74d0004732df358f4f9975be2 http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6fc0b4a7a73a81e74d0004732df358f4f9975be2 BID 14609

Return to the previous page.