Vulnerability Description
SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only, which could allow local users to conduct unauthorized write activities to modify the firmware of associated SCSI devices.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Suse | Suse Linux | 8.1 |
References
- http://secunia.com/advisories/18510
- http://www.novell.com/linux/security/advisories/2004_42_kernel.htmlPatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2006-0101.html
- http://www.securityfocus.com/bid/11784
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18370
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://secunia.com/advisories/18510
- http://www.novell.com/linux/security/advisories/2004_42_kernel.htmlPatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2006-0101.html
- http://www.securityfocus.com/bid/11784
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18370
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2004-1190?
CVE-2004-1190 is a vulnerability with a CVSS score of 2.1 (LOW). SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only, which could allow local users to conduct unauthorized...
How severe is CVE-2004-1190?
CVE-2004-1190 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1190?
Check the references section above for vendor advisories and patch information. Affected products include: Suse Suse Linux.