Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2197

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2004-2197
Last Modified 05 Sep 2008 04:43:27
Published 31 Dec 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-2197

Summary

kdocker.cpp in kdocker 0.1 through 0.8 does not properly check the ownership of files, which could allow local users to execute arbitrary programs.

Vulnerable Systems

Application

  • Kdocker 0.1

  • Kdocker 0.2

  • Kdocker 0.3

  • Kdocker 0.4

  • Kdocker 0.5

  • Kdocker 0.6

  • Kdocker 0.7

  • Kdocker 0.8


References

XF - kdocker-kdockerccp-gain-privileges(17718)

BID - 11419

OSVDB - 10729

CONFIRM - http://sourceforge.net/forum/forum.php?forum_id=414631

SECTRACK - 1011688

SECUNIA - 12828

CONFIRM - http://cvs.sourceforge.net/viewcvs.py/kdocker/kdocker/src/kdocker.cpp?r1=1.10&r2=1.11&sortby=log


Last Updated: 27 May 2016 10:39:22