Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
10 vulnerabilities found for grsecurity_kernel_patch by grsecurity
CVE-2008-1940 (GCVE-0-2008-1940)
Vulnerability from nvd – Published: 2008-04-24 19:00 – Updated: 2024-08-07 08:41
VLAI
Summary
The RBAC functionality in grsecurity before 2.1.11-2.6.24.5 and 2.1.11-2.4.36.2 does not enforce user_transition_deny and user_transition_allow rules for the (1) sys_setfsuid and (2) sys_setfsgid calls, which allows local users to bypass restrictions for those calls.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.grsecurity.org/news.php#grsec21113 | x_refsource_CONFIRM |
| http://secunia.com/advisories/29899 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securitytracker.com/id?1019919 | vdb-entryx_refsource_SECTRACK |
| http://www.vupen.com/english/advisories/2008/1323… | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/28889 | vdb-entryx_refsource_BID |
Date Public
2008-04-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:41:00.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "grsecurity-rbac-security-bypass(41952)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41952"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.grsecurity.org/news.php#grsec21113"
},
{
"name": "29899",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29899"
},
{
"name": "1019919",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019919"
},
{
"name": "ADV-2008-1323",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1323/references"
},
{
"name": "28889",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28889"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The RBAC functionality in grsecurity before 2.1.11-2.6.24.5 and 2.1.11-2.4.36.2 does not enforce user_transition_deny and user_transition_allow rules for the (1) sys_setfsuid and (2) sys_setfsgid calls, which allows local users to bypass restrictions for those calls."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "grsecurity-rbac-security-bypass(41952)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41952"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.grsecurity.org/news.php#grsec21113"
},
{
"name": "29899",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29899"
},
{
"name": "1019919",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019919"
},
{
"name": "ADV-2008-1323",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1323/references"
},
{
"name": "28889",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28889"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1940",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The RBAC functionality in grsecurity before 2.1.11-2.6.24.5 and 2.1.11-2.4.36.2 does not enforce user_transition_deny and user_transition_allow rules for the (1) sys_setfsuid and (2) sys_setfsgid calls, which allows local users to bypass restrictions for those calls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "grsecurity-rbac-security-bypass(41952)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41952"
},
{
"name": "http://www.grsecurity.org/news.php#grsec21113",
"refsource": "CONFIRM",
"url": "http://www.grsecurity.org/news.php#grsec21113"
},
{
"name": "29899",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29899"
},
{
"name": "1019919",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019919"
},
{
"name": "ADV-2008-1323",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1323/references"
},
{
"name": "28889",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28889"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1940",
"datePublished": "2008-04-24T19:00:00.000Z",
"dateReserved": "2008-04-24T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:41:00.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0253 (GCVE-0-2007-0253)
Vulnerability from nvd – Published: 2007-01-16 23:00 – Updated: 2024-08-07 12:12 Disputed
VLAI
Summary
Unspecified vulnerability in the grsecurity patch has unspecified impact and remote attack vectors, a different vulnerability than the expand_stack vulnerability from the Digital Armaments 20070110 pre-advisory. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities." The developer also cites a past disclosure that was not proven
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.digitalarmaments.com/news_news.shtml | x_refsource_MISC |
| http://grsecurity.net/news.php#digitalfud | x_refsource_MISC |
| http://forums.grsecurity.net/viewtopic.php?t=1646 | x_refsource_MISC |
Date Public
2007-01-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:12:17.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.digitalarmaments.com/news_news.shtml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://grsecurity.net/news.php#digitalfud"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://forums.grsecurity.net/viewtopic.php?t=1646"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the grsecurity patch has unspecified impact and remote attack vectors, a different vulnerability than the expand_stack vulnerability from the Digital Armaments 20070110 pre-advisory. NOTE: the grsecurity developer has disputed this issue, stating that \"the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities.\" The developer also cites a past disclosure that was not proven"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-01-19T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.digitalarmaments.com/news_news.shtml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://grsecurity.net/news.php#digitalfud"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://forums.grsecurity.net/viewtopic.php?t=1646"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0253",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Unspecified vulnerability in the grsecurity patch has unspecified impact and remote attack vectors, a different vulnerability than the expand_stack vulnerability from the Digital Armaments 20070110 pre-advisory. NOTE: the grsecurity developer has disputed this issue, stating that \"the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities.\" The developer also cites a past disclosure that was not proven."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.digitalarmaments.com/news_news.shtml",
"refsource": "MISC",
"url": "http://www.digitalarmaments.com/news_news.shtml"
},
{
"name": "http://grsecurity.net/news.php#digitalfud",
"refsource": "MISC",
"url": "http://grsecurity.net/news.php#digitalfud"
},
{
"name": "http://forums.grsecurity.net/viewtopic.php?t=1646",
"refsource": "MISC",
"url": "http://forums.grsecurity.net/viewtopic.php?t=1646"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0253",
"datePublished": "2007-01-16T23:00:00.000Z",
"dateReserved": "2007-01-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:12:17.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0257 (GCVE-0-2007-0257)
Vulnerability from nvd – Published: 2007-01-16 23:00 – Updated: 2025-01-17 14:11 Disputed
VLAI
Summary
Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities." The developer also cites a past disclosure that was not proven. As of 20070120, the original researcher has released demonstration code
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
13 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1017509 | vdb-entryx_refsource_SECTRACK |
| http://www.digitalarmaments.com/pre2007-00018659.html | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/456626/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/456722/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/462302/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.digitalarmaments.com/news_news.shtml | x_refsource_MISC |
| http://grsecurity.net/news.php#digitalfud | x_refsource_MISC |
| http://secunia.com/advisories/23713 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/22014 | vdb-entryx_refsource_BID |
| http://forums.grsecurity.net/viewtopic.php?t=1646 | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/457509/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.vupen.com/english/advisories/2007/0155 | vdb-entryx_refsource_VUPEN |
| http://osvdb.org/32727 | vdb-entryx_refsource_OSVDB |
Date Public
2007-01-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:12:17.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017509",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017509"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.digitalarmaments.com/pre2007-00018659.html"
},
{
"name": "20070111 Digital Armaments Security Pre-Advisory 11.01.2007: Grsecurity Kernel PaX - Local root vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/456626/100/0/threaded"
},
{
"name": "20070112 Lies? [Was: Re: Digital Armaments Security Pre-Advisory11.01.2007: Grsecurity Kernel PaX - Local root vulnerability]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/456722/100/0/threaded"
},
{
"name": "20070309 Re: Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/462302/100/100/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.digitalarmaments.com/news_news.shtml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://grsecurity.net/news.php#digitalfud"
},
{
"name": "23713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23713"
},
{
"name": "22014",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22014"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://forums.grsecurity.net/viewtopic.php?t=1646"
},
{
"name": "20070120 Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/457509/100/0/threaded"
},
{
"name": "ADV-2007-0155",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0155"
},
{
"name": "32727",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32727"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2007-0257",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-15T20:13:33.925048Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T14:11:44.912Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that \"the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities.\" The developer also cites a past disclosure that was not proven. As of 20070120, the original researcher has released demonstration code"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017509",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017509"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.digitalarmaments.com/pre2007-00018659.html"
},
{
"name": "20070111 Digital Armaments Security Pre-Advisory 11.01.2007: Grsecurity Kernel PaX - Local root vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/456626/100/0/threaded"
},
{
"name": "20070112 Lies? [Was: Re: Digital Armaments Security Pre-Advisory11.01.2007: Grsecurity Kernel PaX - Local root vulnerability]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/456722/100/0/threaded"
},
{
"name": "20070309 Re: Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/462302/100/100/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.digitalarmaments.com/news_news.shtml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://grsecurity.net/news.php#digitalfud"
},
{
"name": "23713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23713"
},
{
"name": "22014",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22014"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://forums.grsecurity.net/viewtopic.php?t=1646"
},
{
"name": "20070120 Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/457509/100/0/threaded"
},
{
"name": "ADV-2007-0155",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0155"
},
{
"name": "32727",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32727"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0257",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that \"the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities.\" The developer also cites a past disclosure that was not proven. As of 20070120, the original researcher has released demonstration code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017509",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017509"
},
{
"name": "http://www.digitalarmaments.com/pre2007-00018659.html",
"refsource": "MISC",
"url": "http://www.digitalarmaments.com/pre2007-00018659.html"
},
{
"name": "20070111 Digital Armaments Security Pre-Advisory 11.01.2007: Grsecurity Kernel PaX - Local root vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456626/100/0/threaded"
},
{
"name": "20070112 Lies? [Was: Re: Digital Armaments Security Pre-Advisory11.01.2007: Grsecurity Kernel PaX - Local root vulnerability]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456722/100/0/threaded"
},
{
"name": "20070309 Re: Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/462302/100/100/threaded"
},
{
"name": "http://www.digitalarmaments.com/news_news.shtml",
"refsource": "MISC",
"url": "http://www.digitalarmaments.com/news_news.shtml"
},
{
"name": "http://grsecurity.net/news.php#digitalfud",
"refsource": "MISC",
"url": "http://grsecurity.net/news.php#digitalfud"
},
{
"name": "23713",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23713"
},
{
"name": "22014",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22014"
},
{
"name": "http://forums.grsecurity.net/viewtopic.php?t=1646",
"refsource": "MISC",
"url": "http://forums.grsecurity.net/viewtopic.php?t=1646"
},
{
"name": "20070120 Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/457509/100/0/threaded"
},
{
"name": "ADV-2007-0155",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0155"
},
{
"name": "32727",
"refsource": "OSVDB",
"url": "http://osvdb.org/32727"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0257",
"datePublished": "2007-01-16T23:00:00.000Z",
"dateReserved": "2007-01-16T00:00:00.000Z",
"dateUpdated": "2025-01-17T14:11:44.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0228 (GCVE-0-2006-0228)
Vulnerability from nvd – Published: 2006-01-17 21:00 – Updated: 2024-08-07 16:25
VLAI
Summary
The RBAC functionality in grsecurity before 2.1.8 does not properly handle when the admin role creates a service and then exits the shell without unauthenticating, which causes the service to be restarted with the admin role still active.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2006/0199 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/16261 | vdb-entryx_refsource_BID |
| http://www.grsecurity.org/news.php#grsec218 | x_refsource_CONFIRM |
| http://secunia.com/advisories/18458 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-01-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:25:33.984Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-0199",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0199"
},
{
"name": "grsecurity-rbac-admin-privileges(24156)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24156"
},
{
"name": "16261",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16261"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.grsecurity.org/news.php#grsec218"
},
{
"name": "18458",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18458"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The RBAC functionality in grsecurity before 2.1.8 does not properly handle when the admin role creates a service and then exits the shell without unauthenticating, which causes the service to be restarted with the admin role still active."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-0199",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0199"
},
{
"name": "grsecurity-rbac-admin-privileges(24156)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24156"
},
{
"name": "16261",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16261"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.grsecurity.org/news.php#grsec218"
},
{
"name": "18458",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18458"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0228",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The RBAC functionality in grsecurity before 2.1.8 does not properly handle when the admin role creates a service and then exits the shell without unauthenticating, which causes the service to be restarted with the admin role still active."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-0199",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0199"
},
{
"name": "grsecurity-rbac-admin-privileges(24156)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24156"
},
{
"name": "16261",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16261"
},
{
"name": "http://www.grsecurity.org/news.php#grsec218",
"refsource": "CONFIRM",
"url": "http://www.grsecurity.org/news.php#grsec218"
},
{
"name": "18458",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18458"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0228",
"datePublished": "2006-01-17T21:00:00.000Z",
"dateReserved": "2006-01-17T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:25:33.984Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1826 (GCVE-0-2002-1826)
Vulnerability from nvd – Published: 2005-06-28 04:00 – Updated: 2024-09-16 17:53
VLAI
Summary
grsecurity 1.9.4 for Linux kernel 2.4.18 allows local users to bypass read-only permissions by using mmap to directly map /dev/mem or /dev/kmem to kernel memory.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://online.securityfocus.com/archive/1/273002 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/4762 | vdb-entryx_refsource_BID |
| http://www.iss.net/security_center/static/9109.php | vdb-entryx_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:43:32.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020517 Grsecurity problem - modifying \"read-only kernel\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/273002"
},
{
"name": "4762",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4762"
},
{
"name": "grsecurity-linux-kernel-patch(9109)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9109.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "grsecurity 1.9.4 for Linux kernel 2.4.18 allows local users to bypass read-only permissions by using mmap to directly map /dev/mem or /dev/kmem to kernel memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-28T04:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020517 Grsecurity problem - modifying \"read-only kernel\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/273002"
},
{
"name": "4762",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4762"
},
{
"name": "grsecurity-linux-kernel-patch(9109)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9109.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1826",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "grsecurity 1.9.4 for Linux kernel 2.4.18 allows local users to bypass read-only permissions by using mmap to directly map /dev/mem or /dev/kmem to kernel memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020517 Grsecurity problem - modifying \"read-only kernel\"",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/273002"
},
{
"name": "4762",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4762"
},
{
"name": "grsecurity-linux-kernel-patch(9109)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9109.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1826",
"datePublished": "2005-06-28T04:00:00.000Z",
"dateReserved": "2005-06-28T04:00:00.000Z",
"dateUpdated": "2024-09-16T17:53:20.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1940 (GCVE-0-2008-1940)
Vulnerability from cvelistv5 – Published: 2008-04-24 19:00 – Updated: 2024-08-07 08:41
VLAI
Summary
The RBAC functionality in grsecurity before 2.1.11-2.6.24.5 and 2.1.11-2.4.36.2 does not enforce user_transition_deny and user_transition_allow rules for the (1) sys_setfsuid and (2) sys_setfsgid calls, which allows local users to bypass restrictions for those calls.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.grsecurity.org/news.php#grsec21113 | x_refsource_CONFIRM |
| http://secunia.com/advisories/29899 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securitytracker.com/id?1019919 | vdb-entryx_refsource_SECTRACK |
| http://www.vupen.com/english/advisories/2008/1323… | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/28889 | vdb-entryx_refsource_BID |
Date Public
2008-04-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:41:00.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "grsecurity-rbac-security-bypass(41952)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41952"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.grsecurity.org/news.php#grsec21113"
},
{
"name": "29899",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29899"
},
{
"name": "1019919",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019919"
},
{
"name": "ADV-2008-1323",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1323/references"
},
{
"name": "28889",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28889"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The RBAC functionality in grsecurity before 2.1.11-2.6.24.5 and 2.1.11-2.4.36.2 does not enforce user_transition_deny and user_transition_allow rules for the (1) sys_setfsuid and (2) sys_setfsgid calls, which allows local users to bypass restrictions for those calls."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "grsecurity-rbac-security-bypass(41952)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41952"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.grsecurity.org/news.php#grsec21113"
},
{
"name": "29899",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29899"
},
{
"name": "1019919",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019919"
},
{
"name": "ADV-2008-1323",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1323/references"
},
{
"name": "28889",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28889"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1940",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The RBAC functionality in grsecurity before 2.1.11-2.6.24.5 and 2.1.11-2.4.36.2 does not enforce user_transition_deny and user_transition_allow rules for the (1) sys_setfsuid and (2) sys_setfsgid calls, which allows local users to bypass restrictions for those calls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "grsecurity-rbac-security-bypass(41952)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41952"
},
{
"name": "http://www.grsecurity.org/news.php#grsec21113",
"refsource": "CONFIRM",
"url": "http://www.grsecurity.org/news.php#grsec21113"
},
{
"name": "29899",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29899"
},
{
"name": "1019919",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019919"
},
{
"name": "ADV-2008-1323",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1323/references"
},
{
"name": "28889",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28889"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1940",
"datePublished": "2008-04-24T19:00:00.000Z",
"dateReserved": "2008-04-24T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:41:00.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0253 (GCVE-0-2007-0253)
Vulnerability from cvelistv5 – Published: 2007-01-16 23:00 – Updated: 2024-08-07 12:12 Disputed
VLAI
Summary
Unspecified vulnerability in the grsecurity patch has unspecified impact and remote attack vectors, a different vulnerability than the expand_stack vulnerability from the Digital Armaments 20070110 pre-advisory. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities." The developer also cites a past disclosure that was not proven
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.digitalarmaments.com/news_news.shtml | x_refsource_MISC |
| http://grsecurity.net/news.php#digitalfud | x_refsource_MISC |
| http://forums.grsecurity.net/viewtopic.php?t=1646 | x_refsource_MISC |
Date Public
2007-01-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:12:17.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.digitalarmaments.com/news_news.shtml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://grsecurity.net/news.php#digitalfud"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://forums.grsecurity.net/viewtopic.php?t=1646"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the grsecurity patch has unspecified impact and remote attack vectors, a different vulnerability than the expand_stack vulnerability from the Digital Armaments 20070110 pre-advisory. NOTE: the grsecurity developer has disputed this issue, stating that \"the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities.\" The developer also cites a past disclosure that was not proven"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-01-19T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.digitalarmaments.com/news_news.shtml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://grsecurity.net/news.php#digitalfud"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://forums.grsecurity.net/viewtopic.php?t=1646"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0253",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Unspecified vulnerability in the grsecurity patch has unspecified impact and remote attack vectors, a different vulnerability than the expand_stack vulnerability from the Digital Armaments 20070110 pre-advisory. NOTE: the grsecurity developer has disputed this issue, stating that \"the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities.\" The developer also cites a past disclosure that was not proven."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.digitalarmaments.com/news_news.shtml",
"refsource": "MISC",
"url": "http://www.digitalarmaments.com/news_news.shtml"
},
{
"name": "http://grsecurity.net/news.php#digitalfud",
"refsource": "MISC",
"url": "http://grsecurity.net/news.php#digitalfud"
},
{
"name": "http://forums.grsecurity.net/viewtopic.php?t=1646",
"refsource": "MISC",
"url": "http://forums.grsecurity.net/viewtopic.php?t=1646"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0253",
"datePublished": "2007-01-16T23:00:00.000Z",
"dateReserved": "2007-01-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:12:17.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0257 (GCVE-0-2007-0257)
Vulnerability from cvelistv5 – Published: 2007-01-16 23:00 – Updated: 2025-01-17 14:11 Disputed
VLAI
Summary
Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities." The developer also cites a past disclosure that was not proven. As of 20070120, the original researcher has released demonstration code
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
13 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1017509 | vdb-entryx_refsource_SECTRACK |
| http://www.digitalarmaments.com/pre2007-00018659.html | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/456626/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/456722/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/462302/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.digitalarmaments.com/news_news.shtml | x_refsource_MISC |
| http://grsecurity.net/news.php#digitalfud | x_refsource_MISC |
| http://secunia.com/advisories/23713 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/22014 | vdb-entryx_refsource_BID |
| http://forums.grsecurity.net/viewtopic.php?t=1646 | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/457509/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.vupen.com/english/advisories/2007/0155 | vdb-entryx_refsource_VUPEN |
| http://osvdb.org/32727 | vdb-entryx_refsource_OSVDB |
Date Public
2007-01-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:12:17.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017509",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017509"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.digitalarmaments.com/pre2007-00018659.html"
},
{
"name": "20070111 Digital Armaments Security Pre-Advisory 11.01.2007: Grsecurity Kernel PaX - Local root vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/456626/100/0/threaded"
},
{
"name": "20070112 Lies? [Was: Re: Digital Armaments Security Pre-Advisory11.01.2007: Grsecurity Kernel PaX - Local root vulnerability]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/456722/100/0/threaded"
},
{
"name": "20070309 Re: Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/462302/100/100/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.digitalarmaments.com/news_news.shtml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://grsecurity.net/news.php#digitalfud"
},
{
"name": "23713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23713"
},
{
"name": "22014",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22014"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://forums.grsecurity.net/viewtopic.php?t=1646"
},
{
"name": "20070120 Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/457509/100/0/threaded"
},
{
"name": "ADV-2007-0155",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0155"
},
{
"name": "32727",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32727"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2007-0257",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-15T20:13:33.925048Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T14:11:44.912Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that \"the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities.\" The developer also cites a past disclosure that was not proven. As of 20070120, the original researcher has released demonstration code"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017509",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017509"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.digitalarmaments.com/pre2007-00018659.html"
},
{
"name": "20070111 Digital Armaments Security Pre-Advisory 11.01.2007: Grsecurity Kernel PaX - Local root vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/456626/100/0/threaded"
},
{
"name": "20070112 Lies? [Was: Re: Digital Armaments Security Pre-Advisory11.01.2007: Grsecurity Kernel PaX - Local root vulnerability]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/456722/100/0/threaded"
},
{
"name": "20070309 Re: Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/462302/100/100/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.digitalarmaments.com/news_news.shtml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://grsecurity.net/news.php#digitalfud"
},
{
"name": "23713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23713"
},
{
"name": "22014",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22014"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://forums.grsecurity.net/viewtopic.php?t=1646"
},
{
"name": "20070120 Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/457509/100/0/threaded"
},
{
"name": "ADV-2007-0155",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0155"
},
{
"name": "32727",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32727"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0257",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that \"the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities.\" The developer also cites a past disclosure that was not proven. As of 20070120, the original researcher has released demonstration code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017509",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017509"
},
{
"name": "http://www.digitalarmaments.com/pre2007-00018659.html",
"refsource": "MISC",
"url": "http://www.digitalarmaments.com/pre2007-00018659.html"
},
{
"name": "20070111 Digital Armaments Security Pre-Advisory 11.01.2007: Grsecurity Kernel PaX - Local root vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456626/100/0/threaded"
},
{
"name": "20070112 Lies? [Was: Re: Digital Armaments Security Pre-Advisory11.01.2007: Grsecurity Kernel PaX - Local root vulnerability]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456722/100/0/threaded"
},
{
"name": "20070309 Re: Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/462302/100/100/threaded"
},
{
"name": "http://www.digitalarmaments.com/news_news.shtml",
"refsource": "MISC",
"url": "http://www.digitalarmaments.com/news_news.shtml"
},
{
"name": "http://grsecurity.net/news.php#digitalfud",
"refsource": "MISC",
"url": "http://grsecurity.net/news.php#digitalfud"
},
{
"name": "23713",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23713"
},
{
"name": "22014",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22014"
},
{
"name": "http://forums.grsecurity.net/viewtopic.php?t=1646",
"refsource": "MISC",
"url": "http://forums.grsecurity.net/viewtopic.php?t=1646"
},
{
"name": "20070120 Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/457509/100/0/threaded"
},
{
"name": "ADV-2007-0155",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0155"
},
{
"name": "32727",
"refsource": "OSVDB",
"url": "http://osvdb.org/32727"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0257",
"datePublished": "2007-01-16T23:00:00.000Z",
"dateReserved": "2007-01-16T00:00:00.000Z",
"dateUpdated": "2025-01-17T14:11:44.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0228 (GCVE-0-2006-0228)
Vulnerability from cvelistv5 – Published: 2006-01-17 21:00 – Updated: 2024-08-07 16:25
VLAI
Summary
The RBAC functionality in grsecurity before 2.1.8 does not properly handle when the admin role creates a service and then exits the shell without unauthenticating, which causes the service to be restarted with the admin role still active.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2006/0199 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/16261 | vdb-entryx_refsource_BID |
| http://www.grsecurity.org/news.php#grsec218 | x_refsource_CONFIRM |
| http://secunia.com/advisories/18458 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-01-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:25:33.984Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-0199",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0199"
},
{
"name": "grsecurity-rbac-admin-privileges(24156)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24156"
},
{
"name": "16261",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16261"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.grsecurity.org/news.php#grsec218"
},
{
"name": "18458",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18458"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The RBAC functionality in grsecurity before 2.1.8 does not properly handle when the admin role creates a service and then exits the shell without unauthenticating, which causes the service to be restarted with the admin role still active."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-0199",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0199"
},
{
"name": "grsecurity-rbac-admin-privileges(24156)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24156"
},
{
"name": "16261",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16261"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.grsecurity.org/news.php#grsec218"
},
{
"name": "18458",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18458"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0228",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The RBAC functionality in grsecurity before 2.1.8 does not properly handle when the admin role creates a service and then exits the shell without unauthenticating, which causes the service to be restarted with the admin role still active."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-0199",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0199"
},
{
"name": "grsecurity-rbac-admin-privileges(24156)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24156"
},
{
"name": "16261",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16261"
},
{
"name": "http://www.grsecurity.org/news.php#grsec218",
"refsource": "CONFIRM",
"url": "http://www.grsecurity.org/news.php#grsec218"
},
{
"name": "18458",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18458"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0228",
"datePublished": "2006-01-17T21:00:00.000Z",
"dateReserved": "2006-01-17T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:25:33.984Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1826 (GCVE-0-2002-1826)
Vulnerability from cvelistv5 – Published: 2005-06-28 04:00 – Updated: 2024-09-16 17:53
VLAI
Summary
grsecurity 1.9.4 for Linux kernel 2.4.18 allows local users to bypass read-only permissions by using mmap to directly map /dev/mem or /dev/kmem to kernel memory.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://online.securityfocus.com/archive/1/273002 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/4762 | vdb-entryx_refsource_BID |
| http://www.iss.net/security_center/static/9109.php | vdb-entryx_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:43:32.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020517 Grsecurity problem - modifying \"read-only kernel\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/273002"
},
{
"name": "4762",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4762"
},
{
"name": "grsecurity-linux-kernel-patch(9109)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9109.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "grsecurity 1.9.4 for Linux kernel 2.4.18 allows local users to bypass read-only permissions by using mmap to directly map /dev/mem or /dev/kmem to kernel memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-28T04:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020517 Grsecurity problem - modifying \"read-only kernel\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/273002"
},
{
"name": "4762",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4762"
},
{
"name": "grsecurity-linux-kernel-patch(9109)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9109.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1826",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "grsecurity 1.9.4 for Linux kernel 2.4.18 allows local users to bypass read-only permissions by using mmap to directly map /dev/mem or /dev/kmem to kernel memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020517 Grsecurity problem - modifying \"read-only kernel\"",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/273002"
},
{
"name": "4762",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4762"
},
{
"name": "grsecurity-linux-kernel-patch(9109)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9109.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1826",
"datePublished": "2005-06-28T04:00:00.000Z",
"dateReserved": "2005-06-28T04:00:00.000Z",
"dateUpdated": "2024-09-16T17:53:20.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}