Vulnerability Name:

CVE-2004-0177 (CCN-15867)

Assigned:2004-02-28
Published:2004-02-28
Updated:2017-10-11
Summary:The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by reading the raw device.
CVSS v3 Severity:4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:Obtain Information
References:Source: CCN
Type: DSA 481-1
New Linux 2.4.17 packages fix local root exploit (ia64)

Source: CCN
Type: DSA 482-1
New Linux 2.4.17 packages fix local root exploit (source+powerpc/apus+s390)

Source: MITRE
Type: CNA
CVE-2004-0177

Source: CONECTIVA
Type: UNKNOWN
CLA-2004:846

Source: CCN
Type: Conectiva Linux Announcement CLSA-2004:846
Fixes for kernel vulnerabilities

Source: MISC
Type: UNKNOWN
http://linux.bkbits.net:8080/linux-2.4/cset@4056b368s6vpJbGWxDD_LhQNYQrdzQ

Source: TRUSTIX
Type: UNKNOWN
2004-0020

Source: CCN
Type: RHSA-2004-166
Updated kernel packages resolve security vulnerabilities

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2004:166

Source: CCN
Type: RHSA-2004-504
Updated Itanium kernel packages resolve security issues

Source: CCN
Type: RHSA-2004-505
Updated kernel packages fix security vulnerability

Source: CCN
Type: RHSA-2005-293
kernel security update

Source: GENTOO
Type: UNKNOWN
GLSA-200407-02

Source: CCN
Type: CIAC Information Bulletin O-121
Debian linux-kernel-2.4.17 and 2.4.18 Vulnerabilities

Source: CIAC
Type: UNKNOWN
O-121

Source: CCN
Type: CIAC Information Bulletin O-126
Red Hat Updated Kernel Packages Fix Several Vulnerabilities

Source: CIAC
Type: UNKNOWN
O-126

Source: CCN
Type: CIAC Information Bulletin 0-127
Linux kernel Vulnerabilities

Source: CIAC
Type: UNKNOWN
O-127

Source: DEBIAN
Type: UNKNOWN
DSA-479

Source: DEBIAN
Type: UNKNOWN
DSA-480

Source: DEBIAN
Type: UNKNOWN
DSA-481

Source: DEBIAN
Type: UNKNOWN
DSA-482

Source: DEBIAN
Type: UNKNOWN
DSA-489

Source: DEBIAN
Type: UNKNOWN
DSA-491

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-495

Source: DEBIAN
Type: DSA-479
linux-kernel-2.4.18-alpha+i386+powerpc -- several vulnerabilities

Source: DEBIAN
Type: DSA-480
linux-kernel-2.4.17+2.4.18-hppa -- several vulnerabilities

Source: DEBIAN
Type: DSA-481
linux-kernel-2.4.17-ia64 -- several vulnerabilities

Source: DEBIAN
Type: DSA-482
linux-kernel-2.4.17-apus+s390 -- several vulnerabilities

Source: DEBIAN
Type: DSA-489
linux-kernel-2.4.17-mips+mipsel -- several vulnerabilities

Source: DEBIAN
Type: DSA-491
linux-kernel-2.4.19-mips -- several vulnerabilities

Source: DEBIAN
Type: DSA-495
linux-kernel-2.4.16-arm -- several vulnerabilities

Source: CCN
Type: GLSA-200407-02
Linux Kernel: Multiple vulnerabilities

Source: CCN
Type: Linux kernel Web site
The Linux Kernel Archives

Source: ENGARDE
Type: Patch, Vendor Advisory
ESA-20040428-004

Source: CCN
Type: Guardian Digital Security Advisory ESA-20040428-004
kernel

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2004:029

Source: REDHAT
Type: UNKNOWN
RHSA-2004:504

Source: REDHAT
Type: UNKNOWN
RHSA-2004:505

Source: REDHAT
Type: UNKNOWN
RHSA-2005:293

Source: BID
Type: UNKNOWN
10152

Source: CCN
Type: BID-10152
Linux Kernel EXT3 File System Information Leakage Vulnerability

Source: FEDORA
Type: UNKNOWN
FLSA:2336

Source: XF
Type: UNKNOWN
linux-ext3-info-disclosure(15867)

Source: XF
Type: UNKNOWN
linux-ext3-info-disclosure(15867)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10556

Vulnerable Configuration:Configuration 1:
  • cpe:/o:linux:linux_kernel:2.4.0:-:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:linux:linux_kernel:2.4.3:-:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.18:-:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.22:-:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.21:-:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.0:-:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.11:-:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.19:-:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.23:-:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*
  • AND
  • cpe:/o:conectiva:linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:redhat:linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:engardelinux:secure_community:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.1::ppc:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.2::amd64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:10556
    V
    		The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by reading the raw device.
    2013-04-29
    oval:com.redhat.rhsa:def:20050293
    P
    		RHSA-2005:293: kernel security update (Important)
    2005-05-13
    oval:org.debian:def:495
    V
    		several vulnerabilities
    2004-04-26
    oval:org.debian:def:489
    V
    		several vulnerabilities
    2004-04-17
    oval:org.debian:def:491
    V
    		several vulnerabilities
    2004-04-17
    oval:org.debian:def:482
    V
    		several vulnerabilities
    2004-04-14
    oval:org.debian:def:479
    V
    		several vulnerabilities
    2004-04-14
    oval:org.debian:def:480
    V
    		several vulnerabilities
    2004-04-14
    oval:org.debian:def:481
    V
    		several vulnerabilities
    2004-04-14
    BACK
    linux linux kernel 2.4.0
    linux linux kernel 2.4.3
    linux linux kernel 2.4.4
    linux linux kernel 2.4.5
    linux linux kernel 2.4.6
    linux linux kernel 2.4.18
    linux linux kernel 2.4.20
    linux linux kernel 2.4.22
    linux linux kernel 2.4.7
    linux linux kernel 2.4.21
    linux linux kernel 2.4.0
    linux linux kernel 2.4.1
    linux linux kernel 2.4.10
    linux linux kernel 2.4.11
    linux linux kernel 2.4.12
    linux linux kernel 2.4.13
    linux linux kernel 2.4.14
    linux linux kernel 2.4.15
    linux linux kernel 2.4.16
    linux linux kernel 2.4.17
    linux linux kernel 2.4.19
    linux linux kernel 2.4.2
    linux linux kernel 2.4.23
    linux linux kernel 2.4.24
    linux linux kernel 2.4.25
    linux linux kernel 2.4.8
    linux linux kernel 2.4.9
    conectiva linux 8.0
    debian debian linux 3.0
    gentoo linux *
    mandrakesoft mandrake multi network firewall 8.2
    mandrakesoft mandrake linux corporate server 2.1
    mandrakesoft mandrake linux 9.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat linux 9.0
    conectiva linux 9.0
    trustix secure linux 2.0
    engardelinux secure community 2.0
    mandrakesoft mandrake linux 9.2
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    trustix secure linux 2.1
    mandrakesoft mandrake linux 10.0
    redhat enterprise linux 3
    redhat linux advanced workstation 2.1
    mandrakesoft mandrake linux 9.1
    mandrakesoft mandrake linux 9.2
    mandrakesoft mandrake linux corporate server 2.1