Back to search
CVE-2006-1343
Published: Mar 21, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGINAL_DST, which allows local users to obtain portions of potentially sensitive memory.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2006:0437
vendor-advisory
x_refsource_REDHAT
ADV-2006-4502
vdb-entry
x_refsource_VUPEN
20060531 rPSA-2006-0087-1 kernel
mailing-list
x_refsource_BUGTRAQ
RHSA-2006:0579
vendor-advisory
x_refsource_REDHAT
USN-281-1
vendor-advisory
x_refsource_UBUNTU
29841
vdb-entry
x_refsource_OSVDB
22875
third-party-advisory
x_refsource_SECUNIA
21136
third-party-advisory
x_refsource_SECUNIA
MDKSA-2006:150
vendor-advisory
x_refsource_MANDRIVA
http://www.vmware.com/download/esx/esx-202-200610-patch.html
x_refsource_CONFIRM
2006-0032
vendor-advisory
x_refsource_TRUSTIX
MDKSA-2006:123
vendor-advisory
x_refsource_MANDRIVA
20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2
mailing-list
x_refsource_BUGTRAQ
21983
third-party-advisory
x_refsource_SECUNIA
http://www.vmware.com/download/esx/esx-213-200610-patch.html
x_refsource_CONFIRM
linux-sockaddr-memory-leak(25425)
vdb-entry
x_refsource_XF
DSA-1097
vendor-advisory
x_refsource_DEBIAN
RHSA-2006:0575
vendor-advisory
x_refsource_REDHAT
19955
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:10875
vdb-entry
signature
x_refsource_OVAL
RHSA-2006:0580
vendor-advisory
x_refsource_REDHAT
http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm
x_refsource_CONFIRM
http://www.vmware.com/download/esx/esx-254-200610-patch.html
x_refsource_CONFIRM
19357
third-party-advisory
x_refsource_SECUNIA
21465
third-party-advisory
x_refsource_SECUNIA
20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4
mailing-list
x_refsource_BUGTRAQ
21045
third-party-advisory
x_refsource_SECUNIA
http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm
x_refsource_CONFIRM
20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2
mailing-list
x_refsource_BUGTRAQ
22417
third-party-advisory
x_refsource_SECUNIA
17203
vdb-entry
x_refsource_BID
22093
third-party-advisory
x_refsource_SECUNIA
20671
third-party-advisory
x_refsource_SECUNIA
ADV-2006-2071
vdb-entry
x_refsource_VUPEN
20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1
mailing-list
x_refsource_BUGTRAQ
DSA-1184
vendor-advisory
x_refsource_DEBIAN
[linux-netdev] 20060304 BUG: Small information leak in SO_ORIGINAL_DST (2.4 and 2.6) and
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now