CVE-2004-0619

Current Description

Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow.

Basic Data

Published: December 06, 2004
Last Modified: October 11, 2017
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: NVD-CWE-Other
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access Vector: LOCAL
CVSS 2 - Access Complexity: LOW
CVSS 2 - Authentication: NONE
CVSS 2 - Confidentiality Impact: COMPLETE
CVSS 2 - Availability Impact: COMPLETE
CVSS 2 - Base Score: 7.2
Severity: HIGH
Exploitability Score: 3.9
Impact Score: 10.0
Obtain All Privilege: true
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

No data provided.

Configurations

  • AND
    • OR - Configuration 1
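      Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding
      2.3 | OS | Redhat | Fedora Core | core_1.0 | * | * | * | * | * | * | * | - | - | - | -
      2.3 | OS | Redhat | Linux | 8.0 | * | * | * | * | * | * | * | - | - | - | -
      2.3 | OS | Redhat | Linux | 8.0 | * | i386 | * | * | * | * | * | - | - | - | -
      2.3 | OS | Redhat | Linux | 8.0 | * | i686 | * | * | * | * | * | - | - | - | -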
    • OR Running on/with:
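      Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding
      2.3 | Application | Redhat | Kernel | 2.4.20-8 | * | athlon | * | * | * | * | * | - | - | - | -
      2.3 | Application | Redhat | Kernel | 2.4.20-8 | * | athlon_smp | * | * | * | * | * | - | - | - | -
      2.3 | Application | Redhat | Kernel | 2.4.20-8 | * | i386 | * | * | * | * | * | - | - | - | -
      2.3 | Application | Redhat | Kernel | 2.4.20-8 | * | i386_src | * | * | * | * | * | - | - | - | -
      2.3 | Application | Redhat | Kernel | 2.4.20-8 | * | i586 | * | * | * | * | * | - | - | - | -
      2.3 | Application | Redhat | Kernel | 2.4.20-8 | * | i586_smp | * | * | * | * | * | - | - | - | -
      2.3 | Application | Redhat | Kernel | 2.4.20-8 | * | i686 | * | * | * | * | * | - | - | - | -
      2.3 | Application | Redhat | Kernel | 2.4.20-8 | * | i686_smp | * | * | * | * | * | - | - | - | -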

Vulnerable Software List

Vendor | Product | Versions
Redhat | Kernel | 2.4.20-8
Redhat | Linux | 8.0
Redhat | Fedora Core | core_1.0

References

Name | URL | Source | Tags
20040623 Linux Broadcom 5820 Cryptonet Driver Integer Overflow | http://marc.info/?l=bugtraq&m=108802653409053&w=2 | BUGTRAQ | -
11936 | http://secunia.com/advisories/11936 | SECUNIA | -
P-047 | http://www.ciac.org/ciac/bulletins/p-047.shtml | CIAC | -
RHSA-2004:549 | http://www.redhat.com/support/errata/RHSA-2004-549.html | REDHAT | PATCH Vendor Advisory
RHSA-2005:283 | http://www.redhat.com/support/errata/RHSA-2005-283.html | REDHAT | -
10599 | http://www.securityfocus.com/bid/10599 | BID | Vendor Advisory
bcm5820-adddsabufbytes-integer-bo(16459) | https://exchange.xforce.ibmcloud.com/vulnerabilities/16459 | XF | -
oval:org.mitre.oval:def:9773 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9773 | OVAL | -