CVE-2004-0109

Severity

46%

Complexity

39%

Confidentiality

106%

Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry.

Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry.

CVSS 2.0 Base Score 4.6. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:P/A:P).

Overview

Type

Linux Kernel

First reported 21 years ago

2004-06-01 04:00:00

Last updated 7 years ago

2017-10-11 01:29:00

Affected Software

Linux Kernel 2.4.0

2.4.0

Linux Kernel 2.5.0

2.5.0

Linux Kernel 2.6.0

2.6.0

References

20040405-01-U

Patch, Vendor Advisory

20040504-01-U

CLA-2004:846

2004-0020

RHSA-2004:166

Patch, Vendor Advisory

11361

11362

11373

11429

11464

11469

11470

11486

11494

11518

11626

11861

11891

11986

12003

GLSA-200407-02

O-121

O-127

DSA-479

DSA-480

DSA-481

DSA-482

DSA-489

DSA-491

DSA-495

http://www.idefense.com/application/poi/display?id=101&type=vulnerabilities

Vendor Advisory

ESA-20040428-004

Patch, Vendor Advisory

MDKSA-2004:029

SuSE-SA:2004:009

RHSA-2004:105

RHSA-2004:106

RHSA-2004:183

10141

TLSA-2004-14

linux-iso9660-bo(15866)

oval:org.mitre.oval:def:10733

oval:org.mitre.oval:def:940

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.