Vulnerability Description
Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
CVSS Score
2.1
LOW
AV:L/AC:L/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mandrakesoft | Mandrake Multi Network Firewall | 8.2 |
| Conectiva | Linux | 10 |
| Gentoo | Linux | All versions |
| Linux | Linux Kernel | 2.0 |
| Mandrakesoft | Mandrake Linux | 9.1 |
| Mandrakesoft | Mandrake Linux Corporate Server | 2.1 |
| Redhat | Enterprise Linux | 2.1 |
| Suse | Suse Linux | 8.0 |
| Trustix | Secure Linux | 2 |
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000852PatchVendor Advisory
- http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066PatchVendor Advisory
- http://www.novell.com/linux/security/advisories/2004_20_kernel.html
- http://www.redhat.com/support/errata/RHSA-2004-354.htmlPatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2004-360.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16599
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000852PatchVendor Advisory
- http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066PatchVendor Advisory
- http://www.novell.com/linux/security/advisories/2004_20_kernel.html
- http://www.redhat.com/support/errata/RHSA-2004-354.htmlPatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2004-360.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16599
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2004-0497?
CVE-2004-0497 is a vulnerability with a CVSS score of 2.1 (LOW). Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
How severe is CVE-2004-0497?
CVE-2004-0497 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0497?
Check the references section above for vendor advisories and patch information. Affected products include: Mandrakesoft Mandrake Multi Network Firewall, Conectiva Linux, Gentoo Linux, Linux Linux Kernel, Mandrakesoft Mandrake Linux.