CVE-2005-0815
Published 2005-05-02
Priority P431 · medium · 6.4 (CVSS 2.0)
AV:N/AC:L/Au:N/C:N/I:P/A:P
EXPLOIT
EPSS: 13.43% (96.0th percentile)
Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem.
Affected
182 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | — | — |
CVSS provenance
nvd · v2.0 · 6.4 MEDIUM · AV:N/AC:L/Au:N/C:N/I:P/A:P
vendor_redhat · 6.4 MEDIUM
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2005-04-01
CVE-2005-0400 Linux kernel vulnerabilities
Mathieu Lafon discovered an information leak in the ext2 file system
driver. When a new directory was created, the ext2 block written to
disk was not initialized, so that previous memory contents (which
could contain sensitive data like passwords) became visible on the raw
device. This is particularly important if the target device is
removable and thus can be read by users other than root.
(CAN-2005-0400)
Yichen Xie discovered a Denial of Service vulnerability in the ELF
loader. A specially crafted ELF library or executable could cause an
attempt to free an invalid pointer, which led to a kernel crash.
(CAN-2005-0749)
Ilja van Sprundel discovered that the bluez_sock_create() function did
not check its "protocol
Red Hat
security flaw
vendor_redhat·2005-03-17·CVSS 6.4
CVE-2005-0815 [MEDIUM] security flaw
Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem.
GHSA
GHSA-jh82-8337-2954: Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2
ghsa_unreviewed·2022-05-01
CVE-2005-0815 [MEDIUM] GHSA-jh82-8337-2954: Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2
Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem.
No detection rules found.
Bugzilla
CVE-2005-0815 security flaw
bugzilla·2018-08-16·CVSS 6.4
CVE-2005-0815 [MEDIUM] CVE-2005-0815 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem.
Bugzilla
CVE-2005-0815 isofs range checking flaws
bugzilla·2005-03-29·CVSS 6.4
CVE-2005-0815 [MEDIUM] CVE-2005-0815 isofs range checking flaws
Michal Zalewski discovered some flaws in the iso9660 filesystem. These flaws
could allow a malicious iso filesystem to cause a DoS or potentially execute
arbitrary code if mounted/examined. Rated as a moderate severity issue as it
requires a local user who has permissions to mount a filesystem (or physical
access to the console).
http://marc.theaimsgroup.com/?l=bugtraq&m=111110067304783
fixed=2.6 (20050325
http://linux.bkbits.net:8080/linux-2.6/cset@4244beb4CNM5FJ-dSQjYbDZ1wJ2yNQ
fixed=2.6 (20050325
http://linux.bkbits.net:8080/linux-2.6/cset@4244be82bvD-_7wwLkYa0visB12aEw
fixed=2.6 (20050325
http://linux.bkbits.net:8080/linux-2.6/cset@4244bedbODYVU4s1YAGRvZSt28TAgA
fixed=2.4 (20050325
http://linux.bkbits.net:8080/linux-2.4/cset@4244a3d91w2q8hQzZefX
Bugzilla
CVE-2005-0815 isofs range checking flaws (ipf)
bugzilla·2005-03-29·CVSS 6.4
CVE-2005-0815 [MEDIUM] CVE-2005-0815 isofs range checking flaws (ipf)
Michal Zalewski discovered some flaws in the iso9660 filesystem. These flaws
could allow a malicious iso filesystem to cause a DoS or potentially execute
arbitrary code if mounted/examined. Rated as a moderate severity issue as it
requires a local user who has permissions to mount a filesystem (or physical
access to the console).
http://marc.theaimsgroup.com/?l=bugtraq&m=111110067304783
fixed=2.6 (20050325
http://linux.bkbits.net:8080/linux-2.6/cset@4244beb4CNM5FJ-dSQjYbDZ1wJ2yNQ
fixed=2.6 (20050325
http://linux.bkbits.net:8080/linux-2.6/cset@4244be82bvD-_7wwLkYa0visB12aEw
fixed=2.6 (20050325
http://linux.bkbits.net:8080/linux-2.6/cset@4244bedbODYVU4s1YAGRvZSt28TAgA
fixed=2.4 (20050325
http://linux.bkbits.net:8080/linux-2.4/cset@4244a3d91w2q8h
http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.12-rc1
http://secunia.com/advisories/17002
http://secunia.com/advisories/18684
http://www.mandriva.com/security/advisories?name=MDKSA-2006:072
http://www.redhat.com/support/errata/RHSA-2005-366.html
http://www.redhat.com/support/errata/RHSA-2005-663.html
http://www.redhat.com/support/errata/RHSA-2006-0190.html
http://www.redhat.com/support/errata/RHSA-2006-0191.html
http://www.securityfocus.com/archive/1/393590
http://www.securityfocus.com/bid/12837
http://www.vupen.com/english/advisories/2005/1878
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532
https://exchange.xforce.ibmcloud.com/vulnerabilities/19741
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9307