Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2004-1072
HistoryJan 10, 2005 - 5:00 a.m.

CVE-2004-1072

2005-01-1005:00:00
[email protected]
web.nvd.nist.gov
42
linux kernel
binfmt_elf
denial of service
buffer overflow
arbitrary code
cve-2004-1072
nvd

7.5 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

35.2%

JSON

The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code.

Affected configurations

NVD
Node
linuxlinux_kernelMatch2.4.0
OR
linuxlinux_kernelMatch2.4.0test1
OR
linuxlinux_kernelMatch2.4.0test10
OR
linuxlinux_kernelMatch2.4.0test11
OR
linuxlinux_kernelMatch2.4.0test12
OR
linuxlinux_kernelMatch2.4.0test2
OR
linuxlinux_kernelMatch2.4.0test3
OR
linuxlinux_kernelMatch2.4.0test4
OR
linuxlinux_kernelMatch2.4.0test5
OR
linuxlinux_kernelMatch2.4.0test6
OR
linuxlinux_kernelMatch2.4.0test7
OR
linuxlinux_kernelMatch2.4.0test8
OR
linuxlinux_kernelMatch2.4.0test9
OR
linuxlinux_kernelMatch2.4.1
OR
linuxlinux_kernelMatch2.4.2
OR
linuxlinux_kernelMatch2.4.3
OR
linuxlinux_kernelMatch2.4.4
OR
linuxlinux_kernelMatch2.4.5
OR
linuxlinux_kernelMatch2.4.6
OR
linuxlinux_kernelMatch2.4.7
OR
linuxlinux_kernelMatch2.4.8
OR
linuxlinux_kernelMatch2.4.9
OR
linuxlinux_kernelMatch2.4.10
OR
linuxlinux_kernelMatch2.4.11
OR
linuxlinux_kernelMatch2.4.12
OR
linuxlinux_kernelMatch2.4.13
OR
linuxlinux_kernelMatch2.4.14
OR
linuxlinux_kernelMatch2.4.15
OR
linuxlinux_kernelMatch2.4.16
OR
linuxlinux_kernelMatch2.4.17
OR
linuxlinux_kernelMatch2.4.18
OR
linuxlinux_kernelMatch2.4.18x86
OR
linuxlinux_kernelMatch2.4.18pre1
OR
linuxlinux_kernelMatch2.4.18pre2
OR
linuxlinux_kernelMatch2.4.18pre3
OR
linuxlinux_kernelMatch2.4.18pre4
OR
linuxlinux_kernelMatch2.4.18pre5
OR
linuxlinux_kernelMatch2.4.18pre6
OR
linuxlinux_kernelMatch2.4.18pre7
OR
linuxlinux_kernelMatch2.4.18pre8
OR
linuxlinux_kernelMatch2.4.19
OR
linuxlinux_kernelMatch2.4.19pre1
OR
linuxlinux_kernelMatch2.4.19pre2
OR
linuxlinux_kernelMatch2.4.19pre3
OR
linuxlinux_kernelMatch2.4.19pre4
OR
linuxlinux_kernelMatch2.4.19pre5
OR
linuxlinux_kernelMatch2.4.19pre6
OR
linuxlinux_kernelMatch2.4.20
OR
linuxlinux_kernelMatch2.4.21
OR
linuxlinux_kernelMatch2.4.21pre1
OR
linuxlinux_kernelMatch2.4.21pre4
OR
linuxlinux_kernelMatch2.4.21pre7
OR
linuxlinux_kernelMatch2.4.22
OR
linuxlinux_kernelMatch2.4.23
OR
linuxlinux_kernelMatch2.4.23pre9
OR
linuxlinux_kernelMatch2.4.23_ow2
OR
linuxlinux_kernelMatch2.4.24
OR
linuxlinux_kernelMatch2.4.24_ow1
OR
linuxlinux_kernelMatch2.4.25
OR
linuxlinux_kernelMatch2.4.26
OR
linuxlinux_kernelMatch2.4.27
OR
linuxlinux_kernelMatch2.4.27pre1
OR
linuxlinux_kernelMatch2.4.27pre2
OR
linuxlinux_kernelMatch2.4.27pre3
OR
linuxlinux_kernelMatch2.4.27pre4
OR
linuxlinux_kernelMatch2.4.27pre5
OR
linuxlinux_kernelMatch2.6.0
OR
linuxlinux_kernelMatch2.6.0test1
OR
linuxlinux_kernelMatch2.6.0test10
OR
linuxlinux_kernelMatch2.6.0test11
OR
linuxlinux_kernelMatch2.6.0test2
OR
linuxlinux_kernelMatch2.6.0test3
OR
linuxlinux_kernelMatch2.6.0test4
OR
linuxlinux_kernelMatch2.6.0test5
OR
linuxlinux_kernelMatch2.6.0test6
OR
linuxlinux_kernelMatch2.6.0test7
OR
linuxlinux_kernelMatch2.6.0test8
OR
linuxlinux_kernelMatch2.6.0test9
OR
linuxlinux_kernelMatch2.6.1
OR
linuxlinux_kernelMatch2.6.1rc1
OR
linuxlinux_kernelMatch2.6.1rc2
OR
linuxlinux_kernelMatch2.6.2
OR
linuxlinux_kernelMatch2.6.3
OR
linuxlinux_kernelMatch2.6.4
OR
linuxlinux_kernelMatch2.6.5
OR
linuxlinux_kernelMatch2.6.6
OR
linuxlinux_kernelMatch2.6.6rc1
OR
linuxlinux_kernelMatch2.6.7
OR
linuxlinux_kernelMatch2.6.7rc1
OR
linuxlinux_kernelMatch2.6.8
OR
linuxlinux_kernelMatch2.6.8rc1
OR
linuxlinux_kernelMatch2.6.8rc2
OR
linuxlinux_kernelMatch2.6.8rc3
OR
linuxlinux_kernelMatch2.6.92.6.20
OR
linuxlinux_kernelMatch2.6_test9_cvs
OR
redhatenterprise_linuxMatch2.1advanced_server
OR
redhatenterprise_linuxMatch2.1advanced_server_ia64
OR
redhatenterprise_linuxMatch2.1enterprise_server
OR
redhatenterprise_linuxMatch2.1enterprise_server_ia64
OR
redhatenterprise_linuxMatch2.1workstation
OR
redhatenterprise_linuxMatch2.1workstation_ia64
OR
redhatenterprise_linuxMatch3.0advanced_server
OR
redhatenterprise_linuxMatch3.0enterprise_server
OR
redhatenterprise_linuxMatch3.0workstation_server
OR
redhatenterprise_linux_desktopMatch3.0
OR
redhatfedora_coreMatchcore_2.0
OR
redhatfedora_coreMatchcore_3.0
OR
redhatlinux_advanced_workstationMatch2.1ia64
OR
redhatlinux_advanced_workstationMatch2.1itanium_processor
OR
susesuse_linuxMatch1.0desktop
OR
susesuse_linuxMatch8enterprise_server
OR
susesuse_linuxMatch8.1
OR
susesuse_linuxMatch8.2
OR
susesuse_linuxMatch9.0
OR
susesuse_linuxMatch9.0enterprise_server
OR
susesuse_linuxMatch9.0x86_64
OR
susesuse_linuxMatch9.1
OR
susesuse_linuxMatch9.2
OR
trustixsecure_linuxMatch1.5
OR
trustixsecure_linuxMatch2.0
OR
trustixsecure_linuxMatch2.1
OR
trustixsecure_linuxMatch2.2
OR
turbolinuxturbolinux_serverMatch10.0

References

Related

nvd 1
cvelist 1
redhat 4
nessus 8
suse 1
openvas 7
osv 4
debian 5
nvd
nvd
CVE-2004-1072
2005-01-10 05:00:00
cvelist
cvelist
CVE-2004-1072
2004-12-01 05:00:00
redhat
redhat
(RHSA-2005:275) ia32el security update
2005-05-18 00:00:00
(RHSA-2004:505) Updated kernel packages fix security vulnerability
2004-12-13 00:00:00
(RHSA-2004:549) kernel security update
2004-12-02 00:00:00
nessus
nessus
RHEL 2.1 / 3 : openmotif (RHSA-2004:537)
2004-12-13 00:00:00
RHEL 2.1 : kernel (RHSA-2004:505)
2004-12-14 00:00:00
RHEL 3 : kernel (RHSA-2004:549)
2004-12-13 00:00:00
suse
suse
local and remote denial of service in kernel
2004-12-01 14:31:07
openvas
openvas
Debian: Security Advisory (DSA-1069-1)
2023-03-08 00:00:00
Debian: Security Advisory (DSA-1082-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 1067-1 (kernel 2.4.16)
2008-01-17 00:00:00
osv
osv
kernel-source-2.4.16 - several
2006-05-20 00:00:00
kernel-source-2.4.17 - several vulnerabilities
2006-05-29 00:00:00
kernel-source-2.4.19 - several vulnerabilities
2006-05-21 00:00:00
debian
debian
[SECURITY] [DSA 1069-1] New Linux kernel 2.4.18 packages fix several vulnerabilities
2006-05-21 17:30:06
[SECURITY] [DSA 1082-1] New Linux kernel 2.4.17 packages fix several vulnerabilities
2006-05-29 19:29:19
[SECURITY] [DSA 1070-1] New Linux kernel 2.4.19 packages fix several vulnerabilities
2006-05-21 06:24:21

7.5 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

35.2%

JSON
Related for CVE-2004-1072
nvd1cvelist1redhat4nessus8suse1openvas7osv4debian5