CVE-2005-3272

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets.

References

http://linux.bkbits.net:8080/linux-2.6/[email protected]

http://secunia.com/advisories/18056

http://secunia.com/advisories/20237

http://secunia.com/advisories/21745

http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm

http://www.debian.org/security/2005/dsa-922

http://www.mandriva.com/security/advisories?name=MDKSA-2007:025

http://www.redhat.com/support/errata/RHSA-2006-0493.html

http://www.securityfocus.com/bid/15536

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10157

https://usn.ubuntu.com/219-1/

Details

Source: MITRE

Published: 2005-10-21

Updated: 2018-10-03

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Tenable Plugins

View all (5 total)

IDNameProductFamilySeverity
65105Ubuntu 4.10 / 5.10 : linux-source-2.6.8.1/-2.6.10/-2.6.12 vulnerabilities (USN-219-1)NessusUbuntu Local Security Checks
medium
22788Debian DSA-922-1 : kernel-source-2.6.8 - several vulnerabilitiesNessusDebian Local Security Checks
high
21997CentOS 4 : kernel (CESA-2006:0493)NessusCentOS Local Security Checks
high
21592RHEL 4 : kernel (RHSA-2006:0493)NessusRed Hat Local Security Checks
high
801418CentOS RHSA-2006-0493 Security CheckLog Correlation EngineGeneric
high