blob: de8f91b61fb8a2e16b7541805c27995d7221e41f (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
Candidate: CVE-2004-1137
References:
VULNWATCH:20041214 Linux kernel IGMP vulnerabilities
BUGTRAQ:20041214 Linux kernel IGMP vulnerabilities
MISC:http://isec.pl/vulnerabilities/isec-0018-igmp.txt
CONECTIVA:CLA-2005:930
URL:http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930
FEDORA:FLSA:2336
URL:https://bugzilla.fedora.us/show_bug.cgi?id=2336
MANDRAKE:MDKSA-2005:022
URL:http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:022
REDHAT:RHSA-2005:092
URL:http://www.redhat.com/support/errata/RHSA-2005-092.html
BUGTRAQ:20041214 [USN-38-1] Linux kernel vulnerabilities
URL:http://marc.theaimsgroup.com/?l=bugtraq&m=110306397320336&w=2
XF:linux-igmpmarksources-dos(18482)
URL:http://xforce.iss.net/xforce/xfdb/18482
XF:linux-ipmcsource-code-execution(18481)
URL:http://xforce.iss.net/xforce/xfdb/18481
Description:
Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to
2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial
of service or execute arbitrary code via (1) the ip_mc_source function, which
decrements a counter to -1, or (2) the igmp_marksources function, which does
not properly validate IGMP message parameters and performs an out-of-bounds
read.
Notes:
Bugs:
upstream:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-11) [igmp-src-list-fix.dpatch]
2.4.27-sarge-security: released (2.4.27-7) [117-igmp-source-filter-fixes.patch]
2.4.19-woody-security:
2.4.18-woody-security:
2.4.17-woody-security:
2.4.16-woody-security:
2.4.17-woody-security-hppa:
2.4.17-woody-security-ia64:
2.4.18-woody-security-hppa:
|