Vulnerability & Exploit Database

Displaying all 6 entries

Results for: CVE-2016-4580 Back to search

SUSE: CVE-2016-4580: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: May 23, 2016

The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request.

Debian: CVE-2016-4580: linux -- security update Vulnerability

  • Severity: 5
  • Published: May 23, 2016

The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request.

Alpine Linux: CVE-2015-6564: OpenSSH multiple authentication issues Vulnerability

  • Severity: 7
  • Published: August 23, 2015

Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

Alpine Linux: CVE-2015-6563: OpenSSH multiple authentication issues Vulnerability

  • Severity: 2
  • Published: August 23, 2015

The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related t...