Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0619

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2004-0619
Last Modified 21 Aug 2010 12:20:53
Published 06 Dec 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-0619

Summary

Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow.

Vulnerable Systems

Operating System

  • Redhat Fedora Core Core 1.0

  • Redhat Linux 8.0

Application

  • Redhat Kernel 2.4.20-8


References

XF - bcm5820-adddsabufbytes-integer-bo(16459)

REDHAT - RHSA-2004:549

BID - 10599

REDHAT - RHSA-2005:283

BUGTRAQ - 20040623 Linux Broadcom 5820 Cryptonet Driver Integer Overflow

CIAC - P-047

SECUNIA - 11936


Last Updated: 27 May 2016 10:38:40