Executive Summary
Summary | |
---|---|
Title | New Linux 2.4.18 packages fix locate root exploit |
Informations | |||
---|---|---|---|
Name | DSA-413 | First vendor Publication | 2004-01-06 |
Vendor | Debian | Last vendor Modification | 2004-01-06 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Paul Starzetz discovered a flaw in bounds checking in mremap() in the Linux kernel (present in version 2.2.x, 2.4.x and 2.6.x) which may allow a local attacker to gain root privileges. For the stable distribution (woody) this problem has been fixed in kernel-source version 2.4.18-14.1 and kernel-images versions 2.4.18-12.1 and 2.4.18-5woody6 (bf) for the i386 architecture. For the unstable distribution (sid) this problem will be fixed soon with newly uploaded packages. We recommend that you upgrade your kernel packages. This problem has been fixed in the upstream version 2.4.24 as well. |
Original Source
Url : http://www.debian.org/security/2004/dsa-413 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10189 | |||
Oval ID: | oval:org.mitre.oval:def:10189 | ||
Title: | The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077. | ||
Description: | The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0985 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:860 | |||
Oval ID: | oval:org.mitre.oval:def:860 | ||
Title: | Red Hat Linux Kernel do_mremap Denial of Service Vulnerability | ||
Description: | The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0985 | Version: | 2 |
Platform(s): | Red Hat Linux 9 | Product(s): | Linux kernel |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:867 | |||
Oval ID: | oval:org.mitre.oval:def:867 | ||
Title: | Red Hat Enterprise 3 Linux Kernel do_mremap Denial of Service Vulnerability | ||
Description: | The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0985 | Version: | 2 |
Platform(s): | Red Hat Enterprise Linux 3 | Product(s): | Linux kernel |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2008-01-17 | Name : Debian Security Advisory DSA 1067-1 (kernel 2.4.16) File : nvt/deb_1067_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1070-1 (kernel-source-2.4.19,kernel-image-sparc-... File : nvt/deb_1070_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1082-1 (kernel-2.4.17) File : nvt/deb_1082_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 413-1 (kernel-source-2.4.18, kernel-image-2.4.18... File : nvt/deb_413_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 417-1 (kernel-patch-2.4.18-powerpc, kernel-image... File : nvt/deb_417_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 417-2 (kernel-image-2.4.18-1-alpha) File : nvt/deb_417_2.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 423-1 (kernel-image-2.4.17-ia64) File : nvt/deb_423_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 427-1 (kernel-patch-2.4.17-mips) File : nvt/deb_427_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 439-1 (kernel) File : nvt/deb_439_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 440-1 (kernel-source-2.4.17, kernel-patch-2.4.17... File : nvt/deb_440_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 442-1 (kernel-patch-2.4.17-s390, kernel-image-2.... File : nvt/deb_442_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 450-1 (kernel-source-2.4.19, kernel-patch-2.4.19... File : nvt/deb_450_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 470-1 (kernel-image-2.4.17-hppa) File : nvt/deb_470_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 475-1 (kernel-image-2.4.17-hppa) File : nvt/deb_475_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2004-006-01 Kernel security update File : nvt/esoft_slk_ssa_2004_006_01.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2004-049-01 Kernel security update File : nvt/esoft_slk_ssa_2004_049_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
3315 | Linux Kernel do_mremap() Privilege Escalation A local overflow exists in the Linux kernel. The do_mremap() function fails to perform bounds checking resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary code resulting in a loss of confidentiality, integrity, and/or availability. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2005-07-13 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2004-008-01.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2004-049-01.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2004-006-01.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-440.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-475.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-470.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-450.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-442.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-439.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-427.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-423.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-417.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-413.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-001.nasl - Type : ACT_GATHER_INFO |
2004-07-23 | Name : The remote Fedora Core host is missing a security update. File : fedora_2003-046.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2003-416.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2003-419.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:32:59 |
|