CVE-2006-5753

Current Description

Unspecified vulnerability in the listxattr system call in Linux kernel, when a "bad inode" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors.

Basic Data

PublishedJanuary 30, 2007
Last ModifiedOctober 11, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorLOCAL
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score7.2
SeverityHIGH
Exploitability Score3.9
Impact Score10.0
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSLinuxLinux Kernel2.6.20.1*******
    2.3OSRedhatEnterprise Linux4.0*advanced_server*****
    2.3OSRedhatEnterprise Linux4.0*enterprise_server*****
    2.3OSRedhatEnterprise Linux4.0*workstation*****
    2.3OSRedhatEnterprise Linux Desktop4.0*******

Vulnerable Software List

VendorProductVersions
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux Desktop 4.0
Linux Linux Kernel 2.6.20.1

References

NameSourceURLTags
FEDORA-2007-277http://fedoranews.org/cms/node/2739FEDORA
FEDORA-2007-291http://fedoranews.org/cms/node/2740FEDORA
http://lkml.org/lkml/2007/1/3/150http://lkml.org/lkml/2007/1/3/150MISC
33020http://osvdb.org/33020OSVDB
23955http://secunia.com/advisories/23955SECUNIA
23997http://secunia.com/advisories/23997SECUNIA
24098http://secunia.com/advisories/24098SECUNIA
24100http://secunia.com/advisories/24100SECUNIA
24206http://secunia.com/advisories/24206SECUNIA
24400http://secunia.com/advisories/24400SECUNIA
24429http://secunia.com/advisories/24429SECUNIA
24482http://secunia.com/advisories/24482SECUNIA
24547http://secunia.com/advisories/24547SECUNIA
25226http://secunia.com/advisories/25226SECUNIA
25683http://secunia.com/advisories/25683SECUNIA
25691http://secunia.com/advisories/25691SECUNIA
25714http://secunia.com/advisories/25714SECUNIA
29058http://secunia.com/advisories/29058SECUNIA
http://support.avaya.com/elmodocs2/security/ASA-2007-063.htmhttp://support.avaya.com/elmodocs2/security/ASA-2007-063.htmCONFIRM
DSA-1304http://www.debian.org/security/2007/dsa-1304DEBIAN
DSA-1503http://www.debian.org/security/2008/dsa-1503DEBIAN
MDKSA-2007:040http://www.mandriva.com/security/advisories?name=MDKSA-2007:040MANDRIVA
MDKSA-2007:060http://www.mandriva.com/security/advisories?name=MDKSA-2007:060MANDRIVA
SUSE-SA:2007:018http://www.novell.com/linux/security/advisories/2007_18_kernel.htmlSUSE
SUSE-SA:2007:021http://www.novell.com/linux/security/advisories/2007_21_kernel.htmlSUSE
SUSE-SA:2007:030http://www.novell.com/linux/security/advisories/2007_30_kernel.htmlSUSE
SUSE-SA:2007:035http://www.novell.com/linux/security/advisories/2007_35_kernel.htmlSUSE
RHSA-2007:0014http://www.redhat.com/support/errata/RHSA-2007-0014.htmlREDHAT
20070615 rPSA-2007-0124-1 kernel xenhttp://www.securityfocus.com/archive/1/471457BUGTRAQ
22316http://www.securityfocus.com/bid/22316BID
USN-416-1http://www.ubuntu.com/usn/usn-416-1UBUNTU
https://issues.rpath.com/browse/RPL-1106https://issues.rpath.com/browse/RPL-1106CONFIRM
oval:org.mitre.oval:def:9371https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9371OVAL