Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2409

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2004-2409
Last Modified 05 Sep 2008 04:44:03
Published 31 Dec 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-2409

Summary

Buffer overflow in the sh_hash_compdata function for Samhain 1.8.9 through 2.0.1, when running in update mode ("-t update"), might allow attackers to execute arbitrary code.

Vulnerable Systems

Application

  • Samhain Labs Samhain 1.8.10

  • Samhain Labs Samhain 1.8.10a

  • Samhain Labs Samhain 1.8.10b

  • Samhain Labs Samhain 1.8.11

  • Samhain Labs Samhain 1.8.12

  • Samhain Labs Samhain 1.8.12a

  • Samhain Labs Samhain 1.8.12b

  • Samhain Labs Samhain 1.8.9

  • Samhain Labs Samhain 2.0.0

  • Samhain Labs Samhain 2.0.1


References

XF - samhain-update-bo(18000)

BID - 11635

OSVDB - 11525

SECTRACK - 1012142

SECUNIA - 13130


Last Updated: 27 May 2016 10:39:28