PT-2004-3746 · Linux+2 · Linux Kernel+2

Publicado

1970-01-01

·

Atualizado

2017-10-11

·

CVE-2005-0504

CVSS v2.0

10

Alta

VetorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions 2.2.x through 2.6.x before 2.6.22 Debian GNU/Linux kernel-image-2.4.18-powerpc-xfs version Debian GNU/Linux kernel-image-2.4.18-sun4u version Debian GNU/Linux kernel-image-2.4.18-sun4u-smp version Debian GNU/Linux kernel-image-2.4.19-sparc version Debian GNU/Linux kernel-image-2.4.19-sun4u version Debian GNU/Linux kernel-image-2.4.19-sun4u-smp version Debian GNU/Linux kernel-headers-2.4.18-sparc version Debian GNU/Linux kernel-headers-2.4.19-sparc version Debian GNU/Linux kernel-patch-benh version
Description The issue involves multiple vulnerabilities in the Linux kernel and Debian GNU/Linux kernel packages, which can lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. A buffer overflow vulnerability in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value.
Recommendations For Linux kernel versions 2.2.x through 2.6.x before 2.6.22, update to version 2.6.22 or later to resolve the issue. For Debian GNU/Linux kernel-image-2.4.18-powerpc-xfs version, update to a non-vulnerable version. For Debian GNU/Linux kernel-image-2.4.18-sun4u version, update to a non-vulnerable version. For Debian GNU/Linux kernel-image-2.4.18-sun4u-smp version, update to a non-vulnerable version. For Debian GNU/Linux kernel-image-2.4.19-sparc version, update to a non-vulnerable version. For Debian GNU/Linux kernel-image-2.4.19-sun4u version, update to a non-vulnerable version. For Debian GNU/Linux kernel-image-2.4.19-sun4u-smp version, update to a non-vulnerable version. For Debian GNU/Linux kernel-headers-2.4.18-sparc version, update to a non-vulnerable version. For Debian GNU/Linux kernel-headers-2.4.19-sparc version, update to a non-vulnerable version. For Debian GNU/Linux kernel-patch-benh version, update to a non-vulnerable version.

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

BDU:2015-03380
BDU:2015-03381
BDU:2015-03382
BDU:2015-03383
BDU:2015-03384
BDU:2015-03385
BDU:2015-03576
BDU:2015-03577
CVE-2005-0504
DSA-1067-1
DSA-1069-1
DSA-1070-1
DSA-1082-1
RHSA-2005:663
RHSA-2005_663
RHSA-2008:0237
RHSA-2008_0237

Produtos afetados

Debian
Linux Kernel
Red Hat