Lucene search

[email protected]CVE-2004-0109

HistoryJun 01, 2004 - 4:00 a.m.

CVE-2004-0109

2004-06-0104:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-0109

buffer overflow

linux kernel

iso9660

nvd

security vulnerability

6.6 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

48.5%

JSON

Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry.

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq2.5.0
linux:linux_kernellinux linux kerneleq2.6.0
linux:linux_kernellinux linux kerneleq2.4.0

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	2.5.0
linux:linux_kernel	linux linux kernel	eq	2.6.0
linux:linux_kernel	linux linux kernel	eq	2.4.0

References

ftp://patches.sgi.com/support/free/security/advisories/20040405-01-U.asc

ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846

marc.info/?l=bugtraq&m=108213675028441&w=2

rhn.redhat.com/errata/RHSA-2004-166.html

secunia.com/advisories/11361

secunia.com/advisories/11362

secunia.com/advisories/11373

secunia.com/advisories/11429

secunia.com/advisories/11464

secunia.com/advisories/11469

secunia.com/advisories/11470

secunia.com/advisories/11486

secunia.com/advisories/11494

secunia.com/advisories/11518

secunia.com/advisories/11626

secunia.com/advisories/11861

secunia.com/advisories/11891

secunia.com/advisories/11986

secunia.com/advisories/12003

security.gentoo.org/glsa/glsa-200407-02.xml

www.ciac.org/ciac/bulletins/o-121.shtml

www.ciac.org/ciac/bulletins/o-127.shtml

www.debian.org/security/2004/dsa-479

www.debian.org/security/2004/dsa-480

www.debian.org/security/2004/dsa-481

www.debian.org/security/2004/dsa-482

www.debian.org/security/2004/dsa-489

www.debian.org/security/2004/dsa-491

www.debian.org/security/2004/dsa-495

www.idefense.com/application/poi/display?id=101&type=vulnerabilities

www.linuxsecurity.com/advisories/engarde_advisory-4285.html

www.mandriva.com/security/advisories?name=MDKSA-2004:029

www.novell.com/linux/security/advisories/2004_09_kernel.html

www.redhat.com/support/errata/RHSA-2004-105.html

www.redhat.com/support/errata/RHSA-2004-106.html

www.redhat.com/support/errata/RHSA-2004-183.html

www.securityfocus.com/bid/10141

www.turbolinux.com/security/2004/TLSA-2004-14.txt

exchange.xforce.ibmcloud.com/vulnerabilities/15866

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10733

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A940

6.6 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

48.5%

JSON

Related for CVE-2004-0109

nessus13 redhat3 ubuntucve1 securityvulns2 debian16 openvas18 osv7 suse1 gentoo1