Candidate: CVE-2006-1342
References: 
 http://marc.theaimsgroup.com/?l=linux-netdev&m=114148078223594&w=2
 http://www.kernel.org/git/?p=linux/kernel/git/marcelo/linux-2.4.git;a=commit;h=09d3b3dcfa80c9094f1748c1be064b9326c9ef2b
Description:
 net/ipv4/af_inet.c in Linux kernel 2.4 does not clear sockaddr_in.sin_zero
 before returning IPv4 socket names from the (1) getsockname, (2) getpeername,
 and (3) accept functions, which allows local users to obtain portions of
 potentially sensitive memory.
Notes: 
 jmm> getorigdst() requires the fix in 2.6.8, inet_getname() is already fixed
 dannf> both CVE-2006-1342 & CVE-2006-1343 were fixed by the same patch;
        however we actually coincidentally already fixed 1343 in the
        043_ipsec.diff patch
Bugs: 
upstream: released (2.4.33-pre3)
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: released (2.4.27-1)
2.4.19-woody-security: 
2.4.18-woody-security: 
2.4.17-woody-security: 
2.4.16-woody-security: 
2.4.17-woody-security-hppa: 
2.4.17-woody-security-ia64: