Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2004-1071 | First vendor Publication | 2005-01-10 |
Vendor | Cve | Last vendor Modification | 2017-10-11 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1071 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:9917 | |||
Oval ID: | oval:org.mitre.oval:def:9917 | ||
Title: | The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code. | ||
Description: | The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-1071 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2008-01-17 | Name : Debian Security Advisory DSA 1067-1 (kernel 2.4.16) File : nvt/deb_1067_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1070-1 (kernel-source-2.4.19,kernel-image-sparc-... File : nvt/deb_1070_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1082-1 (kernel-2.4.17) File : nvt/deb_1082_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
11598 | Linux Kernel ELF Binary Loader mmap() Failure Handling Issue The ELF binary loader in the Linux kernel contains a flaw that may allow a malicious user to manipulate the system into loading a binary into memory incorrectly. The issue is triggered when the mmap() function fails. It is possible that the flaw may allow the attacker to supply an arbitrary memory layout for the binary, resulting in a loss of integrity. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1067.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1069.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1070.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1082.nasl - Type : ACT_GATHER_INFO |
2006-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-293.nasl - Type : ACT_GATHER_INFO |
2006-02-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2006-0191.nasl - Type : ACT_GATHER_INFO |
2005-04-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-293.nasl - Type : ACT_GATHER_INFO |
2005-01-26 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-022.nasl - Type : ACT_GATHER_INFO |
2004-12-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-505.nasl - Type : ACT_GATHER_INFO |
2004-12-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-537.nasl - Type : ACT_GATHER_INFO |
2004-12-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-549.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-02 01:02:39 |
|
2024-02-01 12:01:34 |
|
2023-09-05 12:02:31 |
|
2023-09-05 01:01:25 |
|
2023-09-02 12:02:33 |
|
2023-09-02 01:01:25 |
|
2023-08-12 12:03:04 |
|
2023-08-12 01:01:26 |
|
2023-08-11 12:02:39 |
|
2023-08-11 01:01:27 |
|
2023-08-06 12:02:27 |
|
2023-08-06 01:01:27 |
|
2023-08-04 12:02:31 |
|
2023-08-04 01:01:27 |
|
2023-07-14 12:02:29 |
|
2023-07-14 01:01:27 |
|
2023-03-29 01:02:31 |
|
2023-03-28 12:01:32 |
|
2022-10-11 12:02:13 |
|
2022-10-11 01:01:19 |
|
2021-05-04 12:02:27 |
|
2021-04-22 01:02:37 |
|
2020-05-23 00:15:56 |
|
2017-10-11 09:23:25 |
|
2017-07-11 12:01:33 |
|
2016-04-26 12:55:28 |
|
2014-02-17 10:28:23 |
|
2013-07-18 17:18:46 |
|
2013-05-11 11:43:45 |
|