CVE-2004-0109 Information
Description
Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x 2.5.x and 2.6.x allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry.
Reference
ftp://patches.sgi.com/support/free/security/advisories/20040405-01-U.asc ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846 http://marc.info/?l=bugtraq&m=108213675028441&w=2 http://rhn.redhat.com/errata/RHSA-2004-166.html http://secunia.com/advisories/11361 http://secunia.com/advisories/11362 http://secunia.com/advisories/11373 http://secunia.com/advisories/11429 http://secunia.com/advisories/11464 http://secunia.com/advisories/11469 http://secunia.com/advisories/11470 http://secunia.com/advisories/11486 http://secunia.com/advisories/11494 http://secunia.com/advisories/11518 http://secunia.com/advisories/11626 http://secunia.com/advisories/11861 http://secunia.com/advisories/11891 http://secunia.com/advisories/11986 http://secunia.com/advisories/12003 http://security.gentoo.org/glsa/glsa-200407-02.xml http://www.ciac.org/ciac/bulletins/o-121.shtml http://www.ciac.org/ciac/bulletins/o-127.shtml http://www.debian.org/security/2004/dsa-479 http://www.debian.org/security/2004/dsa-480 http://www.debian.org/security/2004/dsa-481 http://www.debian.org/security/2004/dsa-482 http://www.debian.org/security/2004/dsa-489 http://www.debian.org/security/2004/dsa-491 http://www.debian.org/security/2004/dsa-495 http://www.idefense.com/application/poi/display?id=101&type=vulnerabilities http://www.linuxsecurity.com/advisories/engarde_advisory-4285.html http://www.mandriva.com/security/advisories?name=MDKSA-2004:029 http://www.novell.com/linux/security/advisories/2004_09_kernel.html http://www.redhat.com/support/errata/RHSA-2004-105.html http://www.redhat.com/support/errata/RHSA-2004-106.html http://www.redhat.com/support/errata/RHSA-2004-183.html http://www.securityfocus.com/bid/10141 http://www.turbolinux.com/security/2004/TLSA-2004-14.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/15866 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10733 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A940
Share on: