Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1337

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2004-1337
Last Modified 05 Sep 2008 04:41:02
Published 23 Dec 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-1337

Summary

The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges.

Vulnerable Systems

Operating System

  • Conectiva Linux 10.0

  • Ubuntu Linux 4.1

Application

  • Gnu Realtime Linux Security Module 0.8.7


References

XF - linux-security-module-gain-privileges(18673)

BID - 12093

BUGTRAQ - 20041223 Linux 2.6 Kernel Capability LSM Module Local Privilege Elevation

CONECTIVA - CLA-2005:930


Last Updated: 27 May 2016 10:39:00