Lucene search

Ubuntu.comUB:CVE-2004-1038

HistoryMar 01, 2005 - 12:00 a.m.

CVE-2004-1038

2005-03-0100:00:00

ubuntu.com

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.8

Confidence

Low

EPSS

0.002

Percentile

54.8%

JSON

A design error in the IEEE1394 specification allows attackers with physical
access to a device to read and write to sensitive memory using a modified
FireWire/IEEE 1394 client, thus bypassing intended restrictions that would
normally require greater degrees of physical access to exploit. NOTE: this
was reported in 2008 to affect Windows Vista, but some Linux-based
operating systems have protection mechanisms against this attack.

Notes

Author	Note
kees	This is a physical design issue with Firewire. It can be mitigated via setting “options ohci1394 phys_dma=0” in a /etc/modprobe.d/ file, though this will greatly reduce the speed of your Firewire.

References

www.hermann-uwe.de/blog/physical-memory-attacks-via-firewire-dma-part-1-overview-and-mitigation

launchpad.net/bugs/cve/CVE-2004-1038

nvd.nist.gov/vuln/detail/CVE-2004-1038

security-tracker.debian.org/tracker/CVE-2004-1038

www.cve.org/CVERecord?id=CVE-2004-1038

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.8

Confidence

Low

EPSS

0.002

Percentile

54.8%

JSON

Related for UB:CVE-2004-1038