CVE-2004-0497

🗓️ 06 Jul 2004 04:00:00Reported by mitreType

cve🔗 web.nvd.nist.gov👁 86 Views🌐 WEB

Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files

Reporter	Title	Published	Views	Family All 27
0day.today	Linux Kernel 2.6.x < 2.6.7-rc3 - sys_chown() Privilege Escalation Exploit	8 Nov 201600:00	–	zdt
0day.today	Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit	24 Dec 200400:00	–	zdt
Cvelist	CVE-2004-0497	6 Jul 200404:00	–	cvelist
Exploit DB	Linux Kernel 2.6.x < 2.6.7-rc3 - 'sys_chown()' Privilege Escalation	4 Dec 200400:00	–	exploitdb
Exploit DB	Linux Kernel < 2.6.7-rc3 (Slackware 9.1 / Debian 3.0) - 'sys_chown()' Group Ownership Alteration Privilege Escalation	24 Dec 200400:00	–	exploitdb
EUVD	EUVD-2004-0496	7 Oct 202500:30	–	euvd
exploitpack	Linux Kernel 2.6.7-rc3 (Slackware 9.1 Debian 3.0) - sys_chown() Group Ownership Alteration Privilege Escalation	24 Dec 200400:00	–	exploitpack
Tenable Nessus	Fedora Core 2 : kernel-2.6.6-1.435.2.3 (2004-205)	23 Jul 200400:00	–	nessus
Tenable Nessus	Fedora Core 1 : kernel-2.4.22-1.2197.nptl (2004-206)	23 Jul 200400:00	–	nessus
Tenable Nessus	GLSA-200407-16 : Linux Kernel: Multiple DoS and permission vulnerabilities	30 Aug 200400:00	–	nessus

NVD

Node

Node

redhat enterprise_linuxMatch2.1advanced_server

redhat enterprise_linuxMatch2.1enterprise_server

redhat enterprise_linuxMatch3.0advanced_server

redhat enterprise_linuxMatch3.0enterprise_server

redhat enterprise_linuxMatch3.0workstation_server

Source	Link
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/16599
distro	www.distro.conectiva.com.br/atualizacoes/
novell	www.novell.com/linux/security/advisories/2004_20_kernel.html
mandrakesecure	www.mandrakesecure.net/en/advisories/advisory.php
oval	www.oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9867
redhat	www.redhat.com/support/errata/RHSA-2004-354.html
redhat	www.redhat.com/support/errata/RHSA-2004-360.html

Parameter	Position	Path	Description
file_name	path	/etc/shadow	Local privilege escalation via chown DAC bypass on Linux kernel (CVE-2004-0497) can modify file ownership on sensitive targets when used with NFS or local files.
file_name	path	/dev/mem	Local privilege escalation via chown DAC bypass on Linux kernel (CVE-2004-0497) can read sensitive kernel/memory data.
file_name	path	/dev/kmem	Local privilege escalation via chown DAC bypass on Linux kernel (CVE-2004-0497) can read kernel memory.
file_name	path	/dev/hd*	Local privilege escalation via chown DAC bypass on Linux kernel (CVE-2004-0497) can affect disk devices under /dev/hd*.
file_name	path	/dev/sd*	Local privilege escalation via chown DAC bypass on Linux kernel (CVE-2004-0497) can affect disk devices under /dev/sd*.
file_name	path	/dev/tty*	Local privilege escalation via chown DAC bypass on Linux kernel (CVE-2004-0497) can affect terminal devices under /dev/tty*.
file_name	path	/dev/pts*	Local privilege escalation via chown DAC bypass on Linux kernel (CVE-2004-0497) can affect pseudo-terminal devices under /dev/pts*.

16 Jun 2026 22:05Current

5.7Medium risk

Vulners AI Score5.7

CVSS 22.1

EPSS0.00801