CVE-2007-5904

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function.

References

http://git.kernel.org/?p=linux/kernel/git/sfrench/cifs-2.6.git;a=commitdiff;h=133672efbc1085f9af990bdc145e1822ea93bcf3

http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00007.html

http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html

http://marc.info/?l=linux-kernel&m=119455843205403&w=2

http://marc.info/?l=linux-kernel&m=119457447724276&w=2

http://secunia.com/advisories/27666

http://secunia.com/advisories/27888

http://secunia.com/advisories/27912

http://secunia.com/advisories/28643

http://secunia.com/advisories/28826

http://secunia.com/advisories/29245

http://secunia.com/advisories/29387

http://secunia.com/advisories/29570

http://secunia.com/advisories/30769

http://secunia.com/advisories/30818

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0048

http://www.debian.org/security/2007/dsa-1428

http://www.novell.com/linux/security/advisories/2007_63_kernel.html

http://www.redhat.com/support/errata/RHSA-2008-0089.html

http://www.redhat.com/support/errata/RHSA-2008-0167.html

http://www.securityfocus.com/archive/1/487808/100/0/threaded

http://www.securityfocus.com/bid/26438

http://www.securitytracker.com/id?1019612

http://www.ubuntu.com/usn/usn-618-1

http://www.vupen.com/english/advisories/2007/3860

https://exchange.xforce.ibmcloud.com/vulnerabilities/38450

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9901

Details

Source: MITRE

Published: 2007-11-09

Updated: 2018-10-15

Type: CWE-119

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:A/AC:H/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.2

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 2.6.23 (inclusive)

Tenable Plugins

View all (16 total)

IDNameProductFamilySeverity
67665Oracle Linux 4 : kernel (ELSA-2008-0167)NessusOracle Linux Local Security Checks
medium
67645Oracle Linux 5 : kernel (ELSA-2008-0089)NessusOracle Linux Local Security Checks
medium
60372Scientific Linux Security Update : kernel on SL4.x i386/x86_64NessusScientific Linux Local Security Checks
medium
60351Scientific Linux Security Update : kernel on SL5.x i386/x86_64NessusScientific Linux Local Security Checks
medium
59125SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 4745)NessusSuSE Local Security Checks
high
43672CentOS 5 : kernel (CESA-2008:0089)NessusCentOS Local Security Checks
medium
33255Ubuntu 6.06 LTS / 7.04 / 7.10 : linux-source-2.6.15/20/22 vulnerabilities (USN-618-1)NessusUbuntu Local Security Checks
high
33252openSUSE 10 Security Update : kernel (kernel-5336)NessusSuSE Local Security Checks
high
31595RHEL 4 : kernel (RHSA-2008:0167)NessusRed Hat Local Security Checks
medium
31586CentOS 4 : kernel (CESA-2008:0167)NessusCentOS Local Security Checks
medium
30090RHEL 5 : kernel (RHSA-2008:0089)NessusRed Hat Local Security Checks
medium
29880openSUSE 10 Security Update : kernel (kernel-4752)NessusSuSE Local Security Checks
high
29489SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 4741)NessusSuSE Local Security Checks
high
29263Debian DSA-1428-2 : linux-2.6 - several vulnerabilitiesNessusDebian Local Security Checks
high
29248openSUSE 10 Security Update : kernel (kernel-4749)NessusSuSE Local Security Checks
high
801448CentOS RHSA-2008-0167 Security CheckLog Correlation EngineGeneric
high