Oval Definition:oval:org.mitre.oval:def:940
Revision Date:2007-04-25
Version:19
Title:Linux Kernel ISO9660 File System Component BO
Description:Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry.
Family:unix
Class:vulnerability
Status:ACCEPTED
Reference(s):CVE-2004-0109
Platform(s):Red Hat Enterprise Linux 3
Product(s):
Definition Synopsis
  • Software section
    • Red Hat Enterprise 3 is installed
    • AND ix86 architecture
    • AND kernel versions
      • kernel version is less than 2.4.21-9.0.3.EL
      • OR kernel-smp version is less than 2.4.21-9.0.3.EL
      • OR kernel-hugemem version is less than 2.4.21-9.0.3.EL
  • AND Configuration section
    • /bin/mount is world-executable AND Set-UID
      • /bin/mount is world-executable AND Set-UID
      • AND /bin/mount is world-executable AND Set-UID