Lucene search

MitreCVE-2004-0587

HistoryAug 06, 2004 - 4:00 a.m.

CVE-2004-0587

2004-08-0604:00:00

mitre

web.nvd.nist.gov

cve-2004-0587

insecure permissions

/proc directory

denial of service

linux

nvd

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

AI Score

Confidence

High

EPSS

Percentile

9.8%

JSON

Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.

Affected configurations

Nvd

Node

mandrakesoftmandrake_linuxMatch9.2

mandrakesoftmandrake_linuxMatch9.2amd64

mandrakesoftmandrake_linuxMatch10.0

mandrakesoftmandrake_linuxMatch10.0amd64

mandrakesoftmandrake_linux_corporate_serverMatch2.1

mandrakesoftmandrake_linux_corporate_serverMatch2.1x86_64

redhatfedora_coreMatchcore_1.0

susesuse_linuxMatch8enterprise_server

susesuse_linuxMatch8.1

susesuse_linuxMatch9.0

VendorProductVersionCPE
mandrakesoftmandrake_linux9.2cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*
mandrakesoftmandrake_linux9.2cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*
mandrakesoftmandrake_linux10.0cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
mandrakesoftmandrake_linux10.0cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*
mandrakesoftmandrake_linux_corporate_server2.1cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*
mandrakesoftmandrake_linux_corporate_server2.1cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*
redhatfedora_corecore_1.0cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*
susesuse_linux8cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*
susesuse_linux8.1cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*
susesuse_linux9.0cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mandrakesoft	mandrake_linux	9.2	cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:::::::*
mandrakesoft	mandrake_linux	9.2	cpe:2.3:o:mandrakesoft:mandrake_linux:9.2::amd64:::::
mandrakesoft	mandrake_linux	10.0	cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:::::::*
mandrakesoft	mandrake_linux	10.0	cpe:2.3:o:mandrakesoft:mandrake_linux:10.0::amd64:::::
mandrakesoft	mandrake_linux_corporate_server	2.1	cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:::::::*
mandrakesoft	mandrake_linux_corporate_server	2.1	cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64:::::
redhat	fedora_core	core_1.0	cpe:2.3:o:redhat:fedora_core:core_1.0:::::::*
suse	suse_linux	8	cpe:2.3:o:suse:suse_linux:8::enterprise_server:::::
suse	suse_linux	8.1	cpe:2.3:o:suse:suse_linux:8.1:::::::*
suse	suse_linux	9.0	cpe:2.3:o:suse:suse_linux:9.0:::::::*

References

ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc

lwn.net/Articles/91155/

securitytracker.com/id?1010057

www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066

www.novell.com/linux/security/advisories/2004_10_kernel.html

www.redhat.com/support/errata/RHSA-2004-413.html

www.redhat.com/support/errata/RHSA-2004-418.html

www.securityfocus.com/bid/10279

exchange.xforce.ibmcloud.com/vulnerabilities/16062

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9398

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

AI Score

Confidence

High

EPSS

Percentile

9.8%

JSON

Related for CVE-2004-0587