Vulnerabilites related to engardelinux - secure_community
cve-2003-0962
Vulnerability from cvelistv5
Published
2003-12-10 05:00
Modified
2024-08-08 02:12
Severity ?
Summary
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.
References
http://marc.info/?l=bugtraq&m=107055681311602&w=2mailing-list, x_refsource_BUGTRAQ
http://marc.info/?l=bugtraq&m=107055684711629&w=2vendor-advisory, x_refsource_TRUSTIX
http://secunia.com/advisories/10362third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/10364third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/10354third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/13899vdb-entry, x_refsource_XF
http://secunia.com/advisories/10363third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/10353third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/10357third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/10355third-party-advisory, x_refsource_SECUNIA
http://www.kb.cert.org/vuls/id/325603third-party-advisory, x_refsource_CERT-VN
http://secunia.com/advisories/10358third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=107056923528423&w=2mailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/10360third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/10361third-party-advisory, x_refsource_SECUNIA
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000794vendor-advisory, x_refsource_CONECTIVA
http://marc.info/?l=bugtraq&m=107055702911867&w=2mailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/10474third-party-advisory, x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20031202-01-Uvendor-advisory, x_refsource_SGI
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415vdb-entry, signature, x_refsource_OVAL
http://www.redhat.com/support/errata/RHSA-2003-398.htmlvendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/10356third-party-advisory, x_refsource_SECUNIA
http://www.osvdb.org/2898vdb-entry, x_refsource_OSVDB
http://www.mandriva.com/security/advisories?name=MDKSA-2003:111vendor-advisory, x_refsource_MANDRAKE
http://www.securityfocus.com/bid/9153vdb-entry, x_refsource_BID
http://secunia.com/advisories/10359third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/10378third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:12:35.339Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20031204 rsync security advisory (fwd)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=107055681311602\u0026w=2"
          },
          {
            "name": "2003-0048",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=107055684711629\u0026w=2"
          },
          {
            "name": "10362",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/10362"
          },
          {
            "name": "10364",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/10364"
          },
          {
            "name": "10354",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/10354"
          },
          {
            "name": "linux-rsync-heap-overflow(13899)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13899"
          },
          {
            "name": "10363",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/10363"
          },
          {
            "name": "10353",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/10353"
          },
          {
            "name": "10357",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/10357"
          },
          {
            "name": "10355",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/10355"
          },
          {
            "name": "VU#325603",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/325603"
          },
          {
            "name": "10358",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/10358"
          },
          {
            "name": "20031204 GLSA: exploitable heap overflow in rsync (200312-03)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=107056923528423\u0026w=2"
          },
          {
            "name": "10360",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/10360"
          },
          {
            "name": "10361",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/10361"
          },
          {
            "name": "CLA-2003:794",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000794"
          },
          {
            "name": "20031204 [OpenPKG-SA-2003.051] OpenPKG Security Advisory (rsync)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=107055702911867\u0026w=2"
          },
          {
            "name": "10474",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/10474"
          },
          {
            "name": "20031202-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U"
          },
          {
            "name": "oval:org.mitre.oval:def:9415",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415"
          },
          {
            "name": "RHSA-2003:398",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-398.html"
          },
          {
            "name": "10356",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/10356"
          },
          {
            "name": "2898",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/2898"
          },
          {
            "name": "MDKSA-2003:111",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:111"
          },
          {
            "name": "9153",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/9153"
          },
          {
            "name": "10359",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/10359"
          },
          {
            "name": "10378",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/10378"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-12-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20031204 rsync security advisory (fwd)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=107055681311602\u0026w=2"
        },
        {
          "name": "2003-0048",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=107055684711629\u0026w=2"
        },
        {
          "name": "10362",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/10362"
        },
        {
          "name": "10364",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/10364"
        },
        {
          "name": "10354",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/10354"
        },
        {
          "name": "linux-rsync-heap-overflow(13899)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13899"
        },
        {
          "name": "10363",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/10363"
        },
        {
          "name": "10353",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/10353"
        },
        {
          "name": "10357",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/10357"
        },
        {
          "name": "10355",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/10355"
        },
        {
          "name": "VU#325603",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/325603"
        },
        {
          "name": "10358",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/10358"
        },
        {
          "name": "20031204 GLSA: exploitable heap overflow in rsync (200312-03)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=107056923528423\u0026w=2"
        },
        {
          "name": "10360",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/10360"
        },
        {
          "name": "10361",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/10361"
        },
        {
          "name": "CLA-2003:794",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000794"
        },
        {
          "name": "20031204 [OpenPKG-SA-2003.051] OpenPKG Security Advisory (rsync)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=107055702911867\u0026w=2"
        },
        {
          "name": "10474",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/10474"
        },
        {
          "name": "20031202-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U"
        },
        {
          "name": "oval:org.mitre.oval:def:9415",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415"
        },
        {
          "name": "RHSA-2003:398",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-398.html"
        },
        {
          "name": "10356",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/10356"
        },
        {
          "name": "2898",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/2898"
        },
        {
          "name": "MDKSA-2003:111",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:111"
        },
        {
          "name": "9153",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/9153"
        },
        {
          "name": "10359",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/10359"
        },
        {
          "name": "10378",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/10378"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0962",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20031204 rsync security advisory (fwd)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=107055681311602\u0026w=2"
            },
            {
              "name": "2003-0048",
              "refsource": "TRUSTIX",
              "url": "http://marc.info/?l=bugtraq\u0026m=107055684711629\u0026w=2"
            },
            {
              "name": "10362",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/10362"
            },
            {
              "name": "10364",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/10364"
            },
            {
              "name": "10354",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/10354"
            },
            {
              "name": "linux-rsync-heap-overflow(13899)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13899"
            },
            {
              "name": "10363",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/10363"
            },
            {
              "name": "10353",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/10353"
            },
            {
              "name": "10357",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/10357"
            },
            {
              "name": "10355",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/10355"
            },
            {
              "name": "VU#325603",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/325603"
            },
            {
              "name": "10358",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/10358"
            },
            {
              "name": "20031204 GLSA: exploitable heap overflow in rsync (200312-03)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=107056923528423\u0026w=2"
            },
            {
              "name": "10360",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/10360"
            },
            {
              "name": "10361",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/10361"
            },
            {
              "name": "CLA-2003:794",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000794"
            },
            {
              "name": "20031204 [OpenPKG-SA-2003.051] OpenPKG Security Advisory (rsync)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=107055702911867\u0026w=2"
            },
            {
              "name": "10474",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/10474"
            },
            {
              "name": "20031202-01-U",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U"
            },
            {
              "name": "oval:org.mitre.oval:def:9415",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415"
            },
            {
              "name": "RHSA-2003:398",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-398.html"
            },
            {
              "name": "10356",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/10356"
            },
            {
              "name": "2898",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/2898"
            },
            {
              "name": "MDKSA-2003:111",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:111"
            },
            {
              "name": "9153",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/9153"
            },
            {
              "name": "10359",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/10359"
            },
            {
              "name": "10378",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/10378"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0962",
    "datePublished": "2003-12-10T05:00:00",
    "dateReserved": "2003-11-26T00:00:00",
    "dateUpdated": "2024-08-08T02:12:35.339Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0535
Vulnerability from cvelistv5
Published
2004-06-08 04:00
Modified
2024-08-08 00:24
Severity ?
Summary
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.
References
http://www.securityfocus.com/bid/10352vdb-entry, x_refsource_BID
http://www.redhat.com/support/errata/RHSA-2004-413.htmlvendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2004-418.htmlvendor-advisory, x_refsource_REDHAT
http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.logx_refsource_CONFIRM
http://lwn.net/Articles/91155/vendor-advisory, x_refsource_FEDORA
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845vendor-advisory, x_refsource_CONECTIVA
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDKSA-2004:062vendor-advisory, x_refsource_MANDRAKE
https://exchange.xforce.ibmcloud.com/vulnerabilities/16159vdb-entry, x_refsource_XF
ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.ascvendor-advisory, x_refsource_SGI
http://security.gentoo.org/glsa/glsa-200407-02.xmlvendor-advisory, x_refsource_GENTOO
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11136vdb-entry, signature, x_refsource_OVAL
http://www.novell.com/linux/security/advisories/2004_20_kernel.htmlvendor-advisory, x_refsource_SUSE
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:24:26.913Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "10352",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/10352"
          },
          {
            "name": "RHSA-2004:413",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
          },
          {
            "name": "RHSA-2004:418",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log"
          },
          {
            "name": "FEDORA-2004-186",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lwn.net/Articles/91155/"
          },
          {
            "name": "CLA-2004:845",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000845"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168"
          },
          {
            "name": "MDKSA-2004:062",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:062"
          },
          {
            "name": "linux-e1000-bo(16159)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16159"
          },
          {
            "name": "20040804-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
          },
          {
            "name": "GLSA-200407-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200407-02.xml"
          },
          {
            "name": "oval:org.mitre.oval:def:11136",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11136"
          },
          {
            "name": "SUSE-SA:2004:020",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-05-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory.  NOTE: this issue was originally incorrectly reported as a \"buffer overflow\" by some sources."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "10352",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/10352"
        },
        {
          "name": "RHSA-2004:413",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
        },
        {
          "name": "RHSA-2004:418",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log"
        },
        {
          "name": "FEDORA-2004-186",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lwn.net/Articles/91155/"
        },
        {
          "name": "CLA-2004:845",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000845"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168"
        },
        {
          "name": "MDKSA-2004:062",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:062"
        },
        {
          "name": "linux-e1000-bo(16159)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16159"
        },
        {
          "name": "20040804-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
        },
        {
          "name": "GLSA-200407-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200407-02.xml"
        },
        {
          "name": "oval:org.mitre.oval:def:11136",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11136"
        },
        {
          "name": "SUSE-SA:2004:020",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0535",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory.  NOTE: this issue was originally incorrectly reported as a \"buffer overflow\" by some sources."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "10352",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/10352"
            },
            {
              "name": "RHSA-2004:413",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
            },
            {
              "name": "RHSA-2004:418",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log"
            },
            {
              "name": "FEDORA-2004-186",
              "refsource": "FEDORA",
              "url": "http://lwn.net/Articles/91155/"
            },
            {
              "name": "CLA-2004:845",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000845"
            },
            {
              "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168",
              "refsource": "CONFIRM",
              "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168"
            },
            {
              "name": "MDKSA-2004:062",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:062"
            },
            {
              "name": "linux-e1000-bo(16159)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16159"
            },
            {
              "name": "20040804-01-U",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
            },
            {
              "name": "GLSA-200407-02",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200407-02.xml"
            },
            {
              "name": "oval:org.mitre.oval:def:11136",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11136"
            },
            {
              "name": "SUSE-SA:2004:020",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0535",
    "datePublished": "2004-06-08T04:00:00",
    "dateReserved": "2004-06-04T00:00:00",
    "dateUpdated": "2024-08-08T00:24:26.913Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2003-12-15 05:00
Modified
2024-11-20 23:45
Severity ?
Summary
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.
References
cve@mitre.orgftp://patches.sgi.com/support/free/security/advisories/20031202-01-U
cve@mitre.orghttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000794
cve@mitre.orghttp://marc.info/?l=bugtraq&m=107055681311602&w=2
cve@mitre.orghttp://marc.info/?l=bugtraq&m=107055684711629&w=2
cve@mitre.orghttp://marc.info/?l=bugtraq&m=107055702911867&w=2
cve@mitre.orghttp://marc.info/?l=bugtraq&m=107056923528423&w=2
cve@mitre.orghttp://secunia.com/advisories/10353
cve@mitre.orghttp://secunia.com/advisories/10354
cve@mitre.orghttp://secunia.com/advisories/10355
cve@mitre.orghttp://secunia.com/advisories/10356
cve@mitre.orghttp://secunia.com/advisories/10357
cve@mitre.orghttp://secunia.com/advisories/10358
cve@mitre.orghttp://secunia.com/advisories/10359
cve@mitre.orghttp://secunia.com/advisories/10360
cve@mitre.orghttp://secunia.com/advisories/10361
cve@mitre.orghttp://secunia.com/advisories/10362
cve@mitre.orghttp://secunia.com/advisories/10363
cve@mitre.orghttp://secunia.com/advisories/10364
cve@mitre.orghttp://secunia.com/advisories/10378
cve@mitre.orghttp://secunia.com/advisories/10474
cve@mitre.orghttp://www.kb.cert.org/vuls/id/325603US Government Resource
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2003:111
cve@mitre.orghttp://www.osvdb.org/2898
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2003-398.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/9153Patch, Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/13899
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U
af854a3a-2127-422b-91ae-364da2661108http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000794
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=107055681311602&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=107055684711629&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=107055702911867&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=107056923528423&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/10353
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/10354
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/10355
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/10356
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/10357
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/10358
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/10359
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/10360
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/10361
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/10362
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/10363
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/10364
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/10378
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/10474
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/325603US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2003:111
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/2898
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2003-398.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/9153Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/13899
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415
Impacted products
Vendor Product Version
andrew_tridgell rsync 2.3.1
andrew_tridgell rsync 2.3.2
andrew_tridgell rsync 2.4.0
andrew_tridgell rsync 2.4.1
andrew_tridgell rsync 2.4.3
andrew_tridgell rsync 2.4.4
andrew_tridgell rsync 2.4.5
andrew_tridgell rsync 2.4.6
andrew_tridgell rsync 2.4.8
andrew_tridgell rsync 2.5.0
andrew_tridgell rsync 2.5.1
andrew_tridgell rsync 2.5.2
andrew_tridgell rsync 2.5.3
andrew_tridgell rsync 2.5.4
andrew_tridgell rsync 2.5.5
andrew_tridgell rsync 2.5.6
redhat rsync 2.4.6-2
redhat rsync 2.4.6-5
redhat rsync 2.4.6-5
redhat rsync 2.5.4-2
redhat rsync 2.5.5-1
redhat rsync 2.5.5-4
engardelinux secure_community 1.0.1
engardelinux secure_community 2.0
engardelinux secure_linux 1.1
engardelinux secure_linux 1.2
engardelinux secure_linux 1.5
slackware slackware_linux 8.1
slackware slackware_linux 9.0
slackware slackware_linux 9.1
slackware slackware_linux current


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "138253E8-6342-4A88-89E6-B579782BC273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "06A95770-7838-4D26-98BD-F3C0A264C431",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "26EB2DBC-F71C-4D86-9436-FA06B7244F1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "41681E68-E4D3-4466-8BAF-12F38D670C73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C472D33-56FC-4939-A800-00C319D44D45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D57C7AF3-A648-44E3-9ABF-D546B34BDC02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "38450ED2-6642-4ADB-ACBC-702588904B50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC163657-8FD5-4578-8452-49ABAA1121D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAFB0E34-5886-454E-9680-640F8FE6A4B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA756243-887B-42FD-9A68-2D54CE44AA0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "502E8AC0-7293-41A0-BA17-873DEE5133DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "55E84BFA-DAF8-4842-8542-E244FE16CBD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DC02AD4-07B4-4A35-BB74-7228A1CDABE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B1ECCC-AAF1-4A3A-BDFA-7955E1AA3683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4726E9-246B-4C6F-8253-0F09886749A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "59CAA1CD-09D5-40CC-9A27-738B4028BF05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:rsync:2.4.6-2:*:i386:*:*:*:*:*",
              "matchCriteriaId": "C3AC2944-7891-474C-8CEE-FC79129AC6F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:rsync:2.4.6-5:*:i386:*:*:*:*:*",
              "matchCriteriaId": "88D09EE3-7737-49EE-B8F6-5775228DA1C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:rsync:2.4.6-5:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "7F7E7DAE-7D7F-4D3F-A3CE-DF2E3650F145",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:rsync:2.5.4-2:*:i386:*:*:*:*:*",
              "matchCriteriaId": "151183D0-4807-470D-808B-115AD366BEAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:rsync:2.5.5-1:*:i386:*:*:*:*:*",
              "matchCriteriaId": "E7DB4650-6A89-480E-BAFA-C2E3F4521601",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:rsync:2.5.5-4:*:i386:*:*:*:*:*",
              "matchCriteriaId": "0730AD53-5419-4144-AE01-143142AD6404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:engardelinux:secure_community:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "444E0C0D-5121-4B89-BEF2-7D070AD2C8C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:engardelinux:secure_community:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "835156D0-D0D8-4A82-9342-95E7239E3477",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:engardelinux:secure_linux:1.1:*:professional:*:*:*:*:*",
              "matchCriteriaId": "E61A9563-ECBE-41DB-A973-E0DEE41BE28F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:engardelinux:secure_linux:1.2:*:professional:*:*:*:*:*",
              "matchCriteriaId": "E164271C-4A66-4DE2-890A-6A21D45F77D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:engardelinux:secure_linux:1.5:*:professional:*:*:*:*:*",
              "matchCriteriaId": "4E62C413-935F-459C-8F11-73F5B483E759",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F41B40-75E6-45C8-A5FB-8464C0B2D064",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1CB2DD9-E77F-46EE-A145-F87AD10EA8E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en el mont\u00f3n en rsync anteriores a 2.5.7, cuando se ejecuta en modo servidor, permite a atacantes remotos ejecutar c\u00f3digo arbitrario y posiblemente escapar del confinamiento chroot."
    }
  ],
  "id": "CVE-2003-0962",
  "lastModified": "2024-11-20T23:45:57.717",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-12-15T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000794"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=107055681311602\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=107055684711629\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=107055702911867\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=107056923528423\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/10353"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/10354"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/10355"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/10356"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/10357"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/10358"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/10359"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/10360"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/10361"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/10362"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/10363"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/10364"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/10378"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/10474"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/325603"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:111"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/2898"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2003-398.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/9153"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13899"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000794"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=107055681311602\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=107055684711629\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=107055702911867\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=107056923528423\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/10353"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/10354"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/10355"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/10356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/10357"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/10358"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/10359"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/10360"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/10361"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/10362"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/10363"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/10364"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/10378"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/10474"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/325603"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:111"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/2898"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2003-398.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/9153"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13899"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2004-08-06 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.
References
cve@mitre.orgftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc
cve@mitre.orghttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168
cve@mitre.orghttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845
cve@mitre.orghttp://lwn.net/Articles/91155/
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200407-02.xmlVendor Advisory
cve@mitre.orghttp://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2004:062
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2004_20_kernel.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2004-413.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2004-418.html
cve@mitre.orghttp://www.securityfocus.com/bid/10352Patch, Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/16159
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11136
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc
af854a3a-2127-422b-91ae-364da2661108http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168
af854a3a-2127-422b-91ae-364da2661108http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845
af854a3a-2127-422b-91ae-364da2661108http://lwn.net/Articles/91155/
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200407-02.xmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2004:062
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2004_20_kernel.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2004-413.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2004-418.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/10352Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/16159
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11136
Impacted products
Vendor Product Version
mandrakesoft mandrake_multi_network_firewall 8.2
suse suse_email_server 3.1
suse suse_email_server iii
suse suse_linux_admin-cd_for_firewall *
suse suse_linux_connectivity_server *
suse suse_linux_database_server *
suse suse_linux_firewall_cd *
suse suse_linux_firewall_live-cd *
suse suse_linux_office_server *
suse suse_office_server *
conectiva linux 8.0
conectiva linux 9.0
engardelinux secure_community 2.0
engardelinux secure_linux 1.5
gentoo linux 1.4
linux linux_kernel 2.4.0
linux linux_kernel 2.4.0
linux linux_kernel 2.4.0
linux linux_kernel 2.4.0
linux linux_kernel 2.4.0
linux linux_kernel 2.4.0
linux linux_kernel 2.4.0
linux linux_kernel 2.4.0
linux linux_kernel 2.4.0
linux linux_kernel 2.4.0
linux linux_kernel 2.4.0
linux linux_kernel 2.4.0
linux linux_kernel 2.4.0
linux linux_kernel 2.4.1
linux linux_kernel 2.4.2
linux linux_kernel 2.4.3
linux linux_kernel 2.4.4
linux linux_kernel 2.4.5
linux linux_kernel 2.4.6
linux linux_kernel 2.4.7
linux linux_kernel 2.4.8
linux linux_kernel 2.4.9
linux linux_kernel 2.4.10
linux linux_kernel 2.4.11
linux linux_kernel 2.4.12
linux linux_kernel 2.4.13
linux linux_kernel 2.4.14
linux linux_kernel 2.4.15
linux linux_kernel 2.4.16
linux linux_kernel 2.4.17
linux linux_kernel 2.4.18
linux linux_kernel 2.4.18
linux linux_kernel 2.4.18
linux linux_kernel 2.4.18
linux linux_kernel 2.4.18
linux linux_kernel 2.4.18
linux linux_kernel 2.4.18
linux linux_kernel 2.4.18
linux linux_kernel 2.4.18
linux linux_kernel 2.4.18
linux linux_kernel 2.4.19
linux linux_kernel 2.4.19
linux linux_kernel 2.4.19
linux linux_kernel 2.4.19
linux linux_kernel 2.4.19
linux linux_kernel 2.4.19
linux linux_kernel 2.4.19
linux linux_kernel 2.4.20
linux linux_kernel 2.4.21
linux linux_kernel 2.4.21
linux linux_kernel 2.4.21
linux linux_kernel 2.4.21
linux linux_kernel 2.4.22
linux linux_kernel 2.4.23
linux linux_kernel 2.4.23
linux linux_kernel 2.4.23_ow2
linux linux_kernel 2.4.24
linux linux_kernel 2.4.24_ow1
linux linux_kernel 2.4.25
linux linux_kernel 2.4.26
linux linux_kernel 2.4.27
mandrakesoft mandrake_linux 9.1
mandrakesoft mandrake_linux 9.1
mandrakesoft mandrake_linux 9.2
mandrakesoft mandrake_linux 9.2
mandrakesoft mandrake_linux 10.0
mandrakesoft mandrake_linux 10.0
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux_corporate_server 2.1
suse suse_linux 7
suse suse_linux 8
suse suse_linux 8.0
suse suse_linux 8.0
suse suse_linux 8.1
suse suse_linux 8.2
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F3F3BB-E004-4FD9-9580-F2D5F3ED3701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_email_server:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A451599B-5F4F-4D7F-B5EF-3AE9F9B89D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_email_server:iii:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD74DAB4-A68E-4748-BC43-2285FC9804D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_linux_admin-cd_for_firewall:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "52E04F16-A0C7-4B0C-A70E-2CA683E0C33B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_linux_connectivity_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "941DFF67-E9F6-41F0-A5CB-90105733327D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_linux_database_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "117BBA08-9C1B-4CAC-A418-B044D69C27D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_linux_firewall_cd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "52F8C98F-E10C-4FE8-96E7-27426F369E78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_linux_firewall_live-cd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3D7140F-589F-44DC-84ED-93FE6989F821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_linux_office_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FDDFB81-4DFE-416A-BCE1-ED96AC3E69B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_office_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18BAE686-972A-4756-9E5D-CF2830700891",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD14661C-E3BE-44DF-BC8D-294322BF23EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:engardelinux:secure_community:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "835156D0-D0D8-4A82-9342-95E7239E3477",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:engardelinux:secure_linux:1.5:*:professional:*:*:*:*:*",
              "matchCriteriaId": "4E62C413-935F-459C-8F11-73F5B483E759",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*",
              "matchCriteriaId": "2E244C37-E366-482E-9173-9376D0839839",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*",
              "matchCriteriaId": "11F96BB9-6509-4F1E-9590-E55EE8C6F992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*",
              "matchCriteriaId": "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*",
              "matchCriteriaId": "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*",
              "matchCriteriaId": "718D4631-440E-4783-8966-B2A2D3EF89B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*",
              "matchCriteriaId": "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*",
              "matchCriteriaId": "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*",
              "matchCriteriaId": "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*",
              "matchCriteriaId": "7015F57A-1E3B-42D2-9D12-F695078EFB21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*",
              "matchCriteriaId": "467721EE-5130-46C5-BBB7-0F4878F3F171",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*",
              "matchCriteriaId": "171257E7-12C5-4283-88F7-FFE643995563",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*",
              "matchCriteriaId": "0887E02F-9F36-41F0-9F75-060B8414D7BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*",
              "matchCriteriaId": "D77F8919-4064-4EA5-A948-76178EA21F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "5E7C423D-23DE-4C7B-A518-66F87E041925",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*",
              "matchCriteriaId": "8EA1382E-71B0-4E65-A310-716A244F4FB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*",
              "matchCriteriaId": "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*",
              "matchCriteriaId": "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*",
              "matchCriteriaId": "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*",
              "matchCriteriaId": "824BBD31-8F3B-4F05-981B-ABF662BBF5F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*",
              "matchCriteriaId": "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*",
              "matchCriteriaId": "388A5C99-1F60-4C20-9AE5-6E73E5A3F819",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "5888F8D7-15C2-4435-BB3C-8674DFAF0089",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*",
              "matchCriteriaId": "29439AD0-EB8D-4675-A77A-6548FF27ADA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*",
              "matchCriteriaId": "F27AADF6-1605-47FC-8C4D-87827A578A90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*",
              "matchCriteriaId": "B42F4080-A76F-4D17-85E2-CD2D2E4D0450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*",
              "matchCriteriaId": "6968EF1D-7CC5-430D-866D-206F66486F63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*",
              "matchCriteriaId": "50E6F5C5-BF74-4C10-830A-F232D528D290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*",
              "matchCriteriaId": "DCD8E4AE-FEF7-4CE2-B338-4F766921593F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*",
              "matchCriteriaId": "13A8B50A-73F6-4FCF-A81F-FB624FBA7143",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*",
              "matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "C5FE15BF-91C7-452A-BE1B-7EC9632421C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "279317B9-AF2F-43E9-BEE5-518FC6D23A87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "F7840155-DCF0-4C34-815B-71F872D31A20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory.  NOTE: this issue was originally incorrectly reported as a \"buffer overflow\" by some sources."
    },
    {
      "lang": "es",
      "value": "El controlador e1000 del kernel de Linux 2.4.26 y anteriores no inicializa la memoria antes de usarla, lo que permite a usuarios locales leer porciones de la memoria del kernel. NOTA: Este problema ha sido originalmente descrito incorrectamente por otras fuentes como un \"desbordamiento de b\u00fafer\"."
    }
  ],
  "id": "CVE-2004-0535",
  "lastModified": "2024-11-20T23:48:48.400",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-08-06T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000845"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lwn.net/Articles/91155/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200407-02.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:062"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/10352"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16159"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11136"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000845"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lwn.net/Articles/91155/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200407-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:062"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/10352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11136"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}