Oval Definition:	oval:org.mitre.oval:def:940
Revision Date: 2007-04-25 Version: 19 Title: Linux Kernel ISO9660 File System Component BO Description: Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2004-0109 Platform(s): Red Hat Enterprise Linux 3 Product(s): Definition Synopsis Software section Red Hat Enterprise 3 is installed AND ix86 architecture AND kernel versions kernel version is less than 2.4.21-9.0.3.EL OR kernel-smp version is less than 2.4.21-9.0.3.EL OR kernel-hugemem version is less than 2.4.21-9.0.3.EL AND Configuration section /bin/mount is world-executable AND Set-UID /bin/mount is world-executable AND Set-UID AND /bin/mount is world-executable AND Set-UID
BACK