Vulnerability CVE-2004-1076 - CERT Civis.Net

Vulnerability Name:

CVE-2004-1076 (CCN-18273)

Assigned:

2004-11-25

Published:

2004-11-25

Updated:

2016-10-18

Summary:

Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file.

CVSS v3 Severity:

9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

Vulnerability Consequences:

Gain Privileges

References:

Source: CCN
Type: BugTraq Mailing List, Fri Nov 26 2004 - 04:00:35 CST
Re: Atari800 - local root. (fwd)

Source: CCN
Type: Full-Disclosure Mailing List Thu Nov 25 2004 - 02:23:34 CST
Atari800 - local root.

Source: CCN
Type: Atari800 Download Web page
Official Releases

Source: MITRE
Type: CNA
CVE-2004-1076

Source: CONFIRM
Type: UNKNOWN
http://cvs.sourceforge.net/viewcvs.py/atari800/atari800/DOC/ChangeLog?view=markup

Source: BUGTRAQ
Type: UNKNOWN
20041125 Atari800 - local root.

Source: BUGTRAQ
Type: UNKNOWN
20041126 Re: Atari800 - local root. (fwd)

Source: CCN
Type: SA13670
Atari800 Unspecified Buffer Overflow Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
13670

Source: DEBIAN
Type: UNKNOWN
DSA-609

Source: DEBIAN
Type: DSA-609
atari800 -- buffer overflows

Source: OSVDB
Type: UNKNOWN
12610

Source: CCN
Type: OSVDB ID: 12140
Atari800 Atari800_Initialise() Function Local Overflow

Source: CCN
Type: OSVDB ID: 12610
Atari800 Unspecified Local Overflow

Source: BID
Type: Exploit, Patch, Vendor Advisory
11756

Source: CCN
Type: BID-11756
Atari800 Emulator Multiple Local Buffer Overflow Vulnerabilities

Source: XF
Type: UNKNOWN
atari800-initialise-gain-privileges(18273)

Vulnerable Configuration:

Configuration 1:

cpe:/o:atari800:atari800:0.5.4:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.6:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.6.2:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.7:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.8.1:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.8.2:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.8.6:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.8.7:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.8.8:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.8.9:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.9:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.9.1:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.9.2:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.9.3:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.9.4:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.9.5:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.9.6:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.9.7:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.9.8:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.9.9:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.9.9a:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.9.9b:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.9.9c:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.9.9d:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.9.9e:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.9.9f:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.9.9g:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.9.9h:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.9.9i:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:0.9.9j:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:1.0:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:1.0.1:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:1.0.2:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:1.0.3:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:1.0.4:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:1.0.5:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:1.0.6:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:1.0.7:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:1.2:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:1.2.1:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:1.2.1_pre0:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:1.2.2:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:1.2.3:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:1.2.4:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:1.2.5:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:1.2_pre0:*:*:*:*:*:*:*

OR cpe:/o:atari800:atari800:1.3:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.0:*:arm:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.0:*:mips:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.debian:def:609	V	buffer overflows	2004-12-14