Lucene search

[email protected]CVE-2004-2395

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2395

2004-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-2395

memory leak

password buffer

denial of service

nvd

6.5 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON

Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer.

CPENameOperatorVersion
mandrakesoft:mandrake_multi_network_firewallmandrakesoft mandrake multi network firewalleq8.2
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeq8.2
mandrakesoft:mandrake_linux_corporate_servermandrakesoft mandrake linux corporate servereq2.1
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeq9.2
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeq9.0
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeq9.1
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeq10.0

CPE	Name	Operator	Version
mandrakesoft:mandrake_multi_network_firewall	mandrakesoft mandrake multi network firewall	eq	8.2
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	8.2
mandrakesoft:mandrake_linux_corporate_server	mandrakesoft mandrake linux corporate server	eq	2.1
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	9.2
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	9.0
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	9.1
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	10.0

References

bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060

www.mandriva.com/security/advisories?name=MDKSA-2004:045

www.securityfocus.com/bid/10370

exchange.xforce.ibmcloud.com/vulnerabilities/16180

6.5 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2004-2395

nessus1