CVE-2006-0038 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-0038
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-0038

Description: Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/25400 UBUNTU http://www.ubuntu.com/usn/usn-302-1 SAID Secunia Advisory: SA19330 Secunia Advisory: SA20671 Secunia Advisory: SA20716 Secunia Advisory: SA20914 Secunia Advisory: SA21465 Secunia Advisory: SA22417 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0575.html DEBIAN http://www.debian.org/security/2006/dsa-1103 http://www.debian.org/security/2006/dsa-1097 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ee4bb818ae35f68d1f848eae0a7b150a38eb4168 BID 17178

Return to the previous page.