Russian Vulnerability Scanner Database

Back to List

CVE-2006-2935

Scores

EPSS

0.002very_low0.2%
0%20%40%60%80%100%

Percentile: 0.2%

CVSS

4.6medium2.0
0246810

CVSS Score: 4.6/10

All CVSS Scores

CVSS 2.0
4.6

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Description

The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

debiannvdredhat

CWEs

CWE-120

Related Vulnerabilities

BDU:2015-03499BDU:2015-04819BDU:2015-04820BDU:2015-04821BDU:2015-04822BDU:2015-04823BDU:2015-04824BDU:2015-04825BDU:2015-04826BDU:2015-04827BDU:2015-04828BDU:2015-04829BDU:2015-04830BDU:2015-04831BDU:2015-04832BDU:2015-04833BDU:2015-04834BDU:2015-04835BDU:2015-04836BDU:2015-04837BDU:2015-04838BDU:2015-04839BDU:2015-04840BDU:2015-04841BDU:2015-04842BDU:2015-04843BDU:2015-04844BDU:2015-04845BDU:2015-04846BDU:2015-04847BDU:2015-04848BDU:2015-04849BDU:2015-04850BDU:2015-04851BDU:2015-04852BDU:2015-04853BDU:2015-04854BDU:2015-04855BDU:2015-04856BDU:2015-04857BDU:2015-04858BDU:2015-04859BDU:2015-04860BDU:2015-04861BDU:2015-04862BDU:2015-04863BDU:2015-04864BDU:2015-04865BDU:2015-04866BDU:2015-04867BDU:2015-04868BDU:2015-04869BDU:2015-04870BDU:2015-04871BDU:2015-04872BDU:2015-04873BDU:2015-04874BDU:2015-04875BDU:2015-04876BDU:2015-04877BDU:2015-04878BDU:2015-04879

Exploits

Exploit ID: 1880

Source: exploitdb

URL: https://www.exploit-db.com/exploits/1880

Exploit ID: 2004

Source: exploitdb

URL: https://www.exploit-db.com/exploits/2004

Exploit ID: 2005

Source: exploitdb

URL: https://www.exploit-db.com/exploits/2005

Exploit ID: 2006

Source: exploitdb

URL: https://www.exploit-db.com/exploits/2006

Exploit ID: 2011

Source: exploitdb

URL: https://www.exploit-db.com/exploits/2011

Exploit ID: 2031

Source: exploitdb

URL: https://www.exploit-db.com/exploits/2031

Vulnerable Software (8)

Type: Configuration

Product: kernel

Operating System: rhel 2.1

Trait: 
{  "fixed": "2.4.18-e.64"}

Source: redhat

Type: Configuration

Product: kernel

Operating System: rhel 2.1

Trait: 
{  "fixed": "2.4.9-e.71"}

Source: redhat

Type: Configuration

Product: kernel

Operating System: rhel 3

Trait: 
{  "fixed": "2.4.21-47.0.1.EL"}

Source: redhat

Type: Configuration

Product: kernel

Operating System: rhel 4

Trait: 
{  "fixed": "2.6.9-42.0.2.EL"}

Source: redhat

Type: Configuration

Product: linux-2.6

Operating System: debian

Trait: 
{  "fixed": "2.6.17-5"}

Source: debian

Type: Configuration

Vendor: *

Product: debian_linux

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: linux_kernel

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.16.16",      "versionStartIncluding": "2.2.16",      "vulnerable": true   ...

Source: nvd

Type: Configuration

Vendor: *

Product: ubuntu_linux

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*...

Source: nvd

End of list