Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1190

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2004-1190
Last Modified 21 Aug 2010 12:22:01
Published 10 Jan 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-1190

Summary

SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only, which could allow local users to conduct unauthorized write activities to modify the firmware of associated SCSI devices.

Vulnerable Systems

Operating System

  • Suse Linux 8.1

  • Suse Linux 8.2

  • Suse Linux 9.0


References

SUSE - SUSE-SA:2004:042

XF - suse-scsi-firmware-overwrite(18370)

BID - 11784

REDHAT - RHSA-2006:0101

SECUNIA - 18510


Last Updated: 27 May 2016 10:38:56