QwikSec

Security Database

CVE

CWE

Training

CVE-2006-2451

Published: Jul 7, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service (disk consumption) and possibly gain privileges via the PR_SET_DUMPABLE argument of the prctl function and a program that causes a core dump file to be created in a directory for which the user does not have permissions.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_REDHAT

20060713 Re: [Full-disclosure] Re: Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 )

mailing-list

x_refsource_BUGTRAQ

SUSE-SR:2006:017

vendor-advisory

x_refsource_SUSE

SUSE-SA:2006:042

vendor-advisory

x_refsource_SUSE

vdb-entry

x_refsource_VUPEN

20060707 rPSA-2006-0122-1 kernel

mailing-list

x_refsource_BUGTRAQ

20060716 Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround

mailing-list

x_refsource_BUGTRAQ

20060714 Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround

mailing-list

x_refsource_BUGTRAQ

20060710 Re: rPSA-2006-0122-1 kernel

mailing-list

x_refsource_BUGTRAQ

SUSE-SA:2006:047

vendor-advisory

x_refsource_SUSE

http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.17.y.git%3Ba=commit%3Bh=0af184bb9f80edfbb94de46cb52e9592e5a547b0

x_refsource_CONFIRM

vdb-entry

x_refsource_SECTRACK

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_UBUNTU

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.24

x_refsource_CONFIRM

vdb-entry

x_refsource_OSVDB

third-party-advisory

x_refsource_SECUNIA

SUSE-SR:2006:016

vendor-advisory

x_refsource_SUSE

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=195902

x_refsource_MISC

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.4

x_refsource_CONFIRM

SUSE-SA:2006:049

vendor-advisory

x_refsource_SUSE

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

http://support.avaya.com/elmodocs2/security/ASA-2006-162.htm

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

oval:org.mitre.oval:def:11336

vdb-entry

signature

x_refsource_OVAL

20060712 Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 )

mailing-list

x_refsource_BUGTRAQ

https://issues.rpath.com/browse/RPL-488

x_refsource_CONFIRM

20060713 Linux sys_prctl LKM based hotfix

mailing-list

x_refsource_BUGTRAQ

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2006-2451 - Security Vulnerability | QwikSec