From f3581ec9b2d48c6103c22fecb46f713217d834e8 Mon Sep 17 00:00:00 2001 From: dann frazier Date: Thu, 17 Aug 2006 00:24:25 +0000 Subject: move retired to the top level hierarchy so people can easily checkout just the active issues git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@548 e094ebfe-e918-0410-adfb-c712417f3574 --- retired/CVE-2004-0587 | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 retired/CVE-2004-0587 (limited to 'retired/CVE-2004-0587') diff --git a/retired/CVE-2004-0587 b/retired/CVE-2004-0587 new file mode 100644 index 000000000..72028b0d7 --- /dev/null +++ b/retired/CVE-2004-0587 @@ -0,0 +1,41 @@ +Candidate: CVE-2004-0587 +References: + FEDORA:FEDORA-2004-186 + URL:http://lwn.net/Articles/91155/ + MANDRAKE:MDKSA-2004:066 + URL:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066 + REDHAT:RHSA-2004:413 + URL:http://www.redhat.com/support/errata/RHSA-2004-413.html + REDHAT:RHSA-2004:418 + URL:http://www.redhat.com/support/errata/RHSA-2004-418.html + SGI:20040804-01-U + URL:ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc + SUSE:SuSE-SA:2004:010 + URL:http://www.novell.com/linux/security/advisories/2004_10_kernel.html + BID:10279 + URL:http://www.securityfocus.com/bid/10279 + SECTRACK:1010057 + URL:http://securitytracker.com/id?1010057 + XF:suse-hbaapinode-dos(16062) + URL:http://xforce.iss.net/xforce/xfdb/16062 +Description: + Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux + allows local users to cause a denial of service. +Notes: + 2.4.26-3 has the note: + CVE-2004-0587 code is not present, not vulnerable + So the question is, did the code get added when we moved to 2.4.27, and + was it still vulnerable? + dannf> Nope; qla2xxx isn't in 2.4.27 +Bugs: +upstream: +linux-2.6: N/A +2.6.8-sarge-security: N/A +2.4.27-sarge-security: N/A +2.4.19-woody-security: N/A +2.4.18-woody-security: N/A +2.4.17-woody-security: N/A +2.4.16-woody-security: N/A +2.4.17-woody-security-hppa: N/A +2.4.17-woody-security-ia64: needed +2.4.18-woody-security-hppa: N/A -- cgit v1.2.3