[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249622

 
 

909

 
 

195549

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2004-1068Date: (C)2005-01-10   (M)2023-12-22


A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.2
Exploit Score: 1.9
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: HIGH
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
BID-11715
SECUNIA-19607
http://www.securityfocus.com/archive/1/381689
http://marc.info/?l=bugtraq&m=110306397320336&w=2
20060402-01-U
SECUNIA-20162
SECUNIA-20163
SECUNIA-20202
SECUNIA-20338
DSA-1067
DSA-1069
DSA-1070
DSA-1082
FLSA:2336
MDKSA-2005:022
RHSA-2004:504
RHSA-2004:505
RHSA-2004:537
SUSE-SA:2004:044
linux-afunix-race-condition(18230)
oval:org.mitre.oval:def:11384

CPE    63
cpe:/o:linux:linux_kernel:2.4.27:pre5
cpe:/o:linux:linux_kernel:2.4.27:pre4
cpe:/o:linux:linux_kernel:2.4.21:pre4
cpe:/o:linux:linux_kernel:2.4.27:pre1
...

© SecPod Technologies