Executive Summary

Informations
Name CVE-2004-1335 First vendor Publication 2004-12-15
Vendor Cve Last vendor Modification 2010-08-21

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score 2.1 Attack Range Local
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1335

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11085
 
Oval ID: oval:org.mitre.oval:def:11085
Title: Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.
Description: Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.
Family: unix Class: vulnerability
Reference(s): CVE-2004-1335
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os97
Os3
Os4

OpenVAS Exploits

DateDescription
2008-01-17Name : Debian Security Advisory DSA 1067-1 (kernel 2.4.16)
File : nvt/deb_1067_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1070-1 (kernel-source-2.4.19,kernel-image-sparc-...
File : nvt/deb_1070_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1082-1 (kernel-2.4.17)
File : nvt/deb_1082_1.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
13535Linux Kernel ip_options_get Memory Leak DoS

Nessus® Vulnerability Scanner

DateDescription
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1067.nasl - Type : ACT_GATHER_INFO
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1069.nasl - Type : ACT_GATHER_INFO
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1070.nasl - Type : ACT_GATHER_INFO
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1082.nasl - Type : ACT_GATHER_INFO
2006-01-15Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-47-1.nasl - Type : ACT_GATHER_INFO
2005-01-25Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2005-016.nasl - Type : ACT_GATHER_INFO
2004-12-27Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2004-689.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/11956
BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=110383108211524&w=2
DEBIAN http://www.debian.org/security/2006/dsa-1067
http://www.debian.org/security/2006/dsa-1069
http://www.debian.org/security/2006/dsa-1070
http://www.debian.org/security/2006/dsa-1082
FULLDISC http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html
MISC http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html
REDHAT http://www.redhat.com/support/errata/RHSA-2005-016.html
http://www.redhat.com/support/errata/RHSA-2005-017.html
SECUNIA http://secunia.com/advisories/20163
http://secunia.com/advisories/20202
http://secunia.com/advisories/20338
XF http://xforce.iss.net/xforce/xfdb/18524

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2014-02-17 10:28:41
  • Multiple Updates
2013-05-11 11:44:46
  • Multiple Updates