CVE-2004-1295

Name of the Vulnerable Software and Affected Versions: uml-utilities version 20030903

Description: The issue concerns the slip down function in slip.c for the uml net program. It does not verify whether the calling user has sufficient permission to disable an interface. This allows local users to cause a denial of service by disabling the network service.

Recommendations: For uml-utilities version 20030903, consider restricting access to the uml net program when it is installed setuid root, to prevent local users from disabling network interfaces without proper authorization. As a temporary workaround, consider disabling the slip down function in slip.c until a patch is available.