CVE-2004-1072 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2004-1072
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2004-1072

Description: The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/18025 SGI SAID Secunia Advisory: SA20162 Secunia Advisory: SA20163 Secunia Advisory: SA20202 Secunia Advisory: SA20338 Secunia Advisory: SA19607 REDHAT http://www.redhat.com/support/errata/RHSA-2004-505.html http://www.redhat.com/support/errata/RHSA-2004-504.html http://www.redhat.com/support/errata/RHSA-2005-275.html http://www.redhat.com/support/errata/RHSA-2004-537.html MISC http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt MANDRAKE http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:022 FEDORA DEBIAN http://www.debian.org/security/2006/dsa-1082 http://www.debian.org/security/2006/dsa-1069 http://www.debian.org/security/2006/dsa-1067 http://www.debian.org/security/2006/dsa-1070 BID 11646 11646

Return to the previous page.