Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2016-3707

Опубликовано: 27 июн. 2016
Источник: nvd
CVSS3: 8.1
CVSS2: 6.8
EPSS Низкий

Описание

The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel-rt:*:*:*:*:*:*:*:*
Версия до 3.10.0 (включая)
cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12.0:sp1:*:*:*:*:*:*

EPSS

Процентиль: 82%
0.01788
Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-284

Связанные уязвимости

ubuntu логотип

CVE-2016-3707

CVSS3: 8.1
ubuntu
больше 9 лет назад

The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.

redhat логотип

CVE-2016-3707

redhat
больше 9 лет назад

The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.

debian логотип

CVE-2016-3707

CVSS3: 8.1
debian
больше 9 лет назад

The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org pro ...

github логотип

GHSA-558g-x28c-wmj6

CVSS3: 8.1
github
больше 3 лет назад

The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.

suse-cvrf логотип

SUSE-SU-2016:1985-1

suse-cvrf
больше 9 лет назад

Security update for the Linux Kernel

EPSS

Процентиль: 82%
0.01788
Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-284