Resource management errors in Linux kernel - CVE-2004-0986
Published: March 1, 2005 / Updated: July 11, 2017
Vulnerability identifier: #VU99936
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2004-0986
CWE-ID: CWE-399
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers.
How to mitigate CVE-2004-0986
Install update from vendor's repository.
Sources
- http://rpmfind.net/linux/RPM/suse/updates/9.2/i386/rpm/i586/iptables-1.2.11-4.2.i586.html
- http://www.ciac.org/ciac/bulletins/p-026.shtml
- http://www.debian.org/security/2004/dsa-580
- http://www.mandriva.com/security/advisories?name=MDKSA-2004:125
- http://www.securityfocus.com/bid/11570
- https://bugzilla.fedora.us/show_bug.cgi?id=2252
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17928
- https://www.ubuntu.com/usn/usn-81-1/