Executive Summary

Informations
NameCVE-2004-1335First vendor Publication2004-12-15
VendorCveLast vendor Modification2010-08-21

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score2.1Attack RangeLocal
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1335

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11085
 
Oval ID: oval:org.mitre.oval:def:11085
Title: Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.
Description: Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.
Family: unix Class: vulnerability
Reference(s): CVE-2004-1335
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os97
Os3
Os4

OpenVAS Exploits

DateDescription
2008-01-17Name : Debian Security Advisory DSA 1067-1 (kernel 2.4.16)
File : nvt/deb_1067_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1070-1 (kernel-source-2.4.19,kernel-image-sparc-...
File : nvt/deb_1070_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1082-1 (kernel-2.4.17)
File : nvt/deb_1082_1.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
13535Linux Kernel ip_options_get Memory Leak DoS

Nessus® Vulnerability Scanner

DateDescription
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1067.nasl - Type : ACT_GATHER_INFO
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1069.nasl - Type : ACT_GATHER_INFO
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1070.nasl - Type : ACT_GATHER_INFO
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1082.nasl - Type : ACT_GATHER_INFO
2006-01-15Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-47-1.nasl - Type : ACT_GATHER_INFO
2005-01-25Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2005-016.nasl - Type : ACT_GATHER_INFO
2004-12-27Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2004-689.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
BIDhttp://www.securityfocus.com/bid/11956
BUGTRAQhttp://marc.theaimsgroup.com/?l=bugtraq&m=110383108211524&w=2
DEBIANhttp://www.debian.org/security/2006/dsa-1067
http://www.debian.org/security/2006/dsa-1069
http://www.debian.org/security/2006/dsa-1070
http://www.debian.org/security/2006/dsa-1082
FULLDISChttp://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html
MISChttp://www.guninski.com/where_do_you_want_billg_to_go_today_2.html
REDHAThttp://www.redhat.com/support/errata/RHSA-2005-016.html
http://www.redhat.com/support/errata/RHSA-2005-017.html
SECUNIAhttp://secunia.com/advisories/20163
http://secunia.com/advisories/20202
http://secunia.com/advisories/20338
XFhttp://xforce.iss.net/xforce/xfdb/18524

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2014-02-17 10:28:41
  • Multiple Updates
2013-05-11 11:44:46
  • Multiple Updates