CVE-2004-1073

Description

The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.

CVSS Metrics

• v2.0•LOW•Score: 2.1AV:L/AC:L/Au:N/C:P/I:N/A:N

EPSS Trends

Current EPSS score: 0.33%• Percentile: 56%

Affected Systems

• linux•linux_kernel

  2.4.0 | 2.4.0:test1 | 2.4.0:test10 | 2.4.0:test11 | 2.4.0:test12 | 2.4.0:test2 | 2.4.0:test3 | 2.4.0:test4 | 2.4.0:test5 | 2.4.0:test6 | 2.4.0:test7 | 2.4.0:test8 | 2.4.0:test9 | 2.4.1 | 2.4.2 | 2.4.3 | 2.4.4 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 | 2.4.9 | 2.4.10 | 2.4.11 | 2.4.12 | 2.4.13 | 2.4.14 | 2.4.15 | 2.4.16 | 2.4.17 | 2.4.18 | 2.4.18:pre1 | 2.4.18:pre2 | 2.4.18:pre3 | 2.4.18:pre4 | 2.4.18:pre5 | 2.4.18:pre6 | 2.4.18:pre7 | 2.4.18:pre8 | 2.4.19 | 2.4.19:pre1 | 2.4.19:pre2 | 2.4.19:pre3 | 2.4.19:pre4 | 2.4.19:pre5 | 2.4.19:pre6 | 2.4.20 | 2.4.21 | 2.4.21:pre1 | 2.4.21:pre4 | 2.4.21:pre7 | 2.4.22 | 2.4.23 | 2.4.23:pre9 | 2.4.23_ow2 | 2.4.24 | 2.4.24_ow1 | 2.4.25 | 2.4.26 | 2.4.27 | 2.4.27:pre1 | 2.4.27:pre2 | 2.4.27:pre3 | 2.4.27:pre4 | 2.4.27:pre5 | 2.6.0 | 2.6.0:test1 | 2.6.0:test10 | 2.6.0:test11 | 2.6.0:test2 | 2.6.0:test3 | 2.6.0:test4 | 2.6.0:test5 | 2.6.0:test6 | 2.6.0:test7 | 2.6.0:test8 | 2.6.0:test9 | 2.6.1 | 2.6.1:rc1 | 2.6.1:rc2 | 2.6.2 | 2.6.3 | 2.6.4 | 2.6.5 | 2.6.6 | 2.6.6:rc1 | 2.6.7 | 2.6.7:rc1 | 2.6.8 | 2.6.8:rc1 | 2.6.8:rc2 | 2.6.8:rc3 | 2.6.9:2.6.20 | 2.6_test9_cvs

• redhat•enterprise_linux

  2.1 | 3.0

• redhat•enterprise_linux_desktop

  3.0

• redhat•fedora_core

  core_2.0 | core_3.0

• redhat•linux_advanced_workstation

  2.1

• suse•suse_linux

  10 | 8 | 8.1 | 8.2 | 9.0 | 9.1 | 9.2

• trustix•secure_linux

  1.5 | 2.0 | 2.1 | 2.2

• turbolinux•turbolinux_server

  10.0

References (21)

• http://secunia.com/advisories/20163
• http://secunia.com/advisories/18684
• http://www.debian.org/security/2006/dsa-1082
• http://www.mandriva.com/security/advisories?name=MDKSA-2005:022
• http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt
• https://bugzilla.fedora.us/show_bug.cgi?id=2336
• http://www.debian.org/security/2006/dsa-1070
• http://secunia.com/advisories/20162
• https://exchange.xforce.ibmcloud.com/vulnerabilities/18025
• http://www.redhat.com/support/errata/RHSA-2006-0190.html
• http://www.redhat.com/support/errata/RHSA-2004-549.html
• http://www.debian.org/security/2006/dsa-1067
• http://www.securityfocus.com/bid/11646
• http://www.debian.org/security/2006/dsa-1069
• http://www.redhat.com/support/errata/RHSA-2005-293.html
• http://www.redhat.com/support/errata/RHSA-2004-505.html
• http://secunia.com/advisories/20202
• http://www.redhat.com/support/errata/RHSA-2004-504.html
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11503
• http://www.redhat.com/support/errata/RHSA-2006-0191.html
• http://secunia.com/advisories/20338