Filtered by vendor Vserver
Subscribe
Total
7 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-0178 | 3 Linux, Netkit, Vserver | 3 Linux Kernel, Linux Netkit, Linux-vserver | 2017-10-10 | 6.2 MEDIUM | N/A |
Race condition in the setsid function in Linux before 2.6.8.1 allows local users to cause a denial of service (crash) and possibly access portions of kernel memory, related to TTY changes, locking, and semaphores. | |||||
CVE-2005-4418 | 1 Vserver | 1 Util-vserver | 2017-07-19 | 7.5 HIGH | N/A |
util-vserver before 0.30.208-1 with kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux sets a default policy that trusts unknown capabilities, which could allow local users to conduct unauthorized activities. | |||||
CVE-2004-2408 | 1 Vserver | 1 Linux-vserver | 2017-07-10 | 3.6 LOW | N/A |
Linux VServer 1.27 and earlier, 1.3.9 and earlier, and 1.9.1 and earlier shares /proc permissions across all virtual and host servers, which allows local users with the ability to set permissions in /proc to obtain system information or cause a denial of service on other virtual servers or the host server. | |||||
CVE-2004-2073 | 1 Vserver | 1 Linux-vserver | 2017-07-10 | 7.2 HIGH | N/A |
Linux-VServer 1.24 allows local users with root privileges on a virtual server to gain access to the filesystem outside the virtual server via a modified chroot-again exploit using the chmod command. | |||||
CVE-2006-1656 | 1 Vserver | 1 Util-vserver | 2008-09-05 | 7.2 HIGH | N/A |
vserver in util-vserver 0.30.209 executes a command as root when the suexec userid parameter is invalid and non-numeric, which might cause local users to inadvertently execute dangerous commands as root. | |||||
CVE-2004-2613 | 1 Vserver | 1 Linux-vserver | 2008-09-05 | 10.0 HIGH | N/A |
Unspecified vulnerability in procfs in the Linux-VServer stable branch for the 2.4 kernel before 1.23 and Linux-VServer development branch for the 2.4 kernel before 1.3.5 has unspecified impact and attack vectors, related to "write access to specific proc entries from a vserver context", a different vulnerability than CVE-2004-2408. | |||||
CVE-2003-1288 | 1 Vserver | 1 Linux-vserver | 2008-09-05 | 5.0 MEDIUM | N/A |
Multiple race conditions in Linux-VServer 1.22 with Linux kernel 2.4.23 and SMP allow local users to cause a denial of service (kernel oops) via unknown attack vectors related to the (1) s_info and (2) ip_info data structures and the (a) forget_original_parent, (b) goodness, (c) schedule, (d) update_process_times, and (e) vc_new_s_context functions. |