[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249622

 
 

909

 
 

195549

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2004-1235Date: (C)2005-04-14   (M)2023-12-22


Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.2
Exploit Score: 1.9
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: HIGH
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
BID-12190
2005-0001
http://marc.info/?l=bugtraq&m=110512575901427&w=2
SECUNIA-20162
SECUNIA-20163
SECUNIA-20202
SECUNIA-20338
CLA-2005:930
DSA-1067
DSA-1069
DSA-1070
DSA-1082
FEDORA-2005-013
FEDORA-2005-014
FLSA:2336
MDKSA-2005:022
RHSA-2005:016
RHSA-2005:017
RHSA-2005:043
RHSA-2005:092
SUSE-SR:2005:001
http://isec.pl/vulnerabilities/isec-0021-uselib.txt
http://www.securityfocus.com/advisories/7804
linux-uselib-gain-privileges(18800)
oval:org.mitre.oval:def:9567

CPE    111
cpe:/o:linux:linux_kernel:2.4.27:pre5
cpe:/o:linux:linux_kernel:2.4.27:pre4
cpe:/o:linux:linux_kernel:2.4.27:pre1
cpe:/o:linux:linux_kernel:2.4.27:pre3
...

© SecPod Technologies