|
|
CVE Reference: CVE-2004-1137 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2004-1137 |
|
|
Description: Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/18482 http://xforce.iss.net/xforce/xfdb/18481 VULNWATCH SUSE http://www.novell.com/linux/security/advisories/2004_44_kernel.html REDHAT http://www.redhat.com/support/errata/RHSA-2005-092.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11144 MISC http://isec.pl/vulnerabilities/isec-0018-igmp.txt MANDRAKE http://www.mandriva.com/security/advisories?name=MDKSA-2005:022 FEDORA CONECTIVA http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930 BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=110306397320336&w=2 |
|
| Return to the previous page. |
