Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1058

Overview

Vulnerability Score 1.2 1.2
CVE Id CVE-2004-1058
Last Modified 07 Mar 2011 09:16:34
Published 10 Jan 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2004-1058

Summary

Race condition in Linux kernel 2.6 allows local users to read the environment variables of another process that is still spawning via /proc/.../cmdline.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6 Test9 Cvs

  • Linux Kernel 2.6.0

  • Linux Kernel 2.6.1

  • Linux Kernel 2.6.10

  • Linux Kernel 2.6.2

  • Linux Kernel 2.6.3

  • Linux Kernel 2.6.4

  • Linux Kernel 2.6.5

  • Linux Kernel 2.6.6

  • Linux Kernel 2.6.7

  • Linux Kernel 2.6.8

  • Linux Kernel 2.6.9

  • Ubuntu Linux 4.1


References

BID - 11937

FEDORA - FLSA:152532

XF - linux-spawning-race-condition(17151)

UBUNTU - USN-38-1

GENTOO - GLSA-200408-24

BID - 11052

REDHAT - RHSA-2006:0191

REDHAT - RHSA-2006:0190

REDHAT - RHSA-2005:293

MANDRAKE - MDKSA-2005:022

DEBIAN - DSA-1018

SECUNIA - 21476

SECUNIA - 19607

SECUNIA - 19369

SECUNIA - 19038

SECUNIA - 18684

SUSE - SUSE-SA:2006:012

SGI - 20060402-01-U


Last Updated: 27 May 2016 10:38:52