Vulnerability Description
Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value.
CVSS Score
4.6
MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | <= 2.6.21 |
Related Weaknesses (CWE)
References
- http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030660.html
- http://secunia.com/advisories/17002Vendor Advisory
- http://secunia.com/advisories/20163Vendor Advisory
- http://secunia.com/advisories/20202
- http://secunia.com/advisories/20338Vendor Advisory
- http://secunia.com/advisories/26651Vendor Advisory
- http://secunia.com/advisories/30112
- http://securitytracker.com/id?1013273
- http://www.debian.org/security/2006/dsa-1067
- http://www.debian.org/security/2006/dsa-1069
- http://www.debian.org/security/2006/dsa-1070
- http://www.debian.org/security/2006/dsa-1082
- http://www.redhat.com/support/errata/RHSA-2005-529.html
- http://www.redhat.com/support/errata/RHSA-2005-551.html
FAQ
What is CVE-2005-0504?
CVE-2005-0504 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified l...
How severe is CVE-2005-0504?
CVE-2005-0504 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-0504?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.