
CVE-2004-1072
Date: (C)2005-01-10   (M)2023-12-22


The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code.

CVSS Score and Metrics

CVSS V2 Severity:
CVSS Score : 7.2
Exploit Score: 3.9
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
BID-11646
SECUNIA-19607
20060402-01-U
SECUNIA-20162
SECUNIA-20163
SECUNIA-20202
SECUNIA-20338
DSA-1067
DSA-1069
DSA-1070
DSA-1082
FLSA:2336
MDKSA-2005:022
RHSA-2004:504
RHSA-2004:505
RHSA-2004:537
RHSA-2005:275
http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt
linux-elf-setuid-gain-privileges(18025)
oval:org.mitre.oval:def:11195

CPE    100
cpe:/o:linux:linux_kernel:2.4.27:pre5
cpe:/o:linux:linux_kernel:2.4.27:pre4
cpe:/o:linux:linux_kernel:2.4.27:pre1
cpe:/o:linux:linux_kernel:2.4.27:pre3
...

© SecPod Technologies