Lucene search

[email protected]CVE-2004-1190

HistoryJan 10, 2005 - 5:00 a.m.

CVE-2004-1190

2005-01-1005:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-1190

suse linux

firmware modification

unauthorized write

cd devices

nvd

6.8 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only, which could allow local users to conduct unauthorized write activities to modify the firmware of associated SCSI devices.

CPENameOperatorVersion
suse:suse_linuxsuse suse linuxeq9.0
suse:suse_linuxsuse suse linuxeq8.2
suse:suse_linuxsuse suse linuxeq8.1

CPE	Name	Operator	Version
suse:suse_linux	suse suse linux	eq	9.0
suse:suse_linux	suse suse linux	eq	8.2
suse:suse_linux	suse suse linux	eq	8.1

References

secunia.com/advisories/18510

www.novell.com/linux/security/advisories/2004_42_kernel.html

www.redhat.com/support/errata/RHSA-2006-0101.html

www.securityfocus.com/bid/11784

exchange.xforce.ibmcloud.com/vulnerabilities/18370

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9369

Social References

6.8 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2004-1190

seebug1 cvelist1 suse1 nessus2 redhat1 centos1