Vulnerabilities > CVE-2003-0985 - Unspecified vulnerability in Linux Kernel
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077.
Vulnerable Configurations
Exploit-Db
description Linux Kernel "do_mremap" Local Proof of Concept II. CVE-2003-0985. Local exploit for linux platform id EDB-ID:142 last seen 2016-01-31 modified 2004-01-07 published 2004-01-07 reporter Christophe Devine source https://www.exploit-db.com/download/142/ title Linux Kernel <= 2.4.23 / <= 2.6.0 - "do_mremap" Local Proof of Concept 2 description Linux Kernel 2.4.x mremap() bound checking Root Exploit. CVE-2003-0985. Local exploit for linux platform id EDB-ID:145 last seen 2016-01-31 modified 2004-01-15 published 2004-01-15 reporter Paul Starzetz source https://www.exploit-db.com/download/145/ title Linux Kernel <= 2.4.23 / <= 2.6.0 - mremap Bound Checking Root Exploit description Linux Kernel "do_mremap" Local Proof of Concept. CVE-2003-0985. Local exploit for linux platform id EDB-ID:141 last seen 2016-01-31 modified 2004-01-06 published 2004-01-06 reporter Christophe Devine source https://www.exploit-db.com/download/141/ title Linux Kernel <= 2.4.23 / <= 2.6.0 - "do_mremap" Local Proof of Concept 1
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-450.NASL description Several local root exploits have been discovered recently in the Linux kernel. This security advisory updates the mips kernel 2.4.19 for Debian GNU/Linux. The Common Vulnerabilities and Exposures project identifies the following problems that are fixed with this update : - CAN-2003-0961 : An integer overflow in brk() system call (do_brk() function) for Linux allows a local attacker to gain root privileges. Fixed upstream in Linux 2.4.23. - CAN-2003-0985 : Paul Starzetz discovered a flaw in bounds checking in mremap() in the Linux kernel (present in version 2.4.x and 2.6.x) which may allow a local attacker to gain root privileges. Version 2.2 is not affected by this bug. Fixed upstream in Linux 2.4.24. - CAN-2004-0077 : Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical security vulnerability in the memory management code of Linux inside the mremap(2) system call. Due to missing function return value check of internal functions a local attacker can gain root privileges. Fixed upstream in Linux 2.4.25 and 2.6.3. last seen 2020-06-01 modified 2020-06-02 plugin id 15287 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/15287 title Debian DSA-450-1 : linux-kernel-2.4.19-mips - several vulnerabilities NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2003-419.NASL description Updated kernel packages are now available that fix a security vulnerability which may allow local users to gain root privileges. The Linux kernel handles the basic functions of the operating system. Paul Starzetz discovered a flaw in bounds checking in mremap() in the Linux kernel versions 2.4.23 and previous which may allow a local attacker to gain root privileges. No exploit is currently available; however, it is believed that this issue is exploitable (although not trivially.) The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0985 to this issue. All users are advised to upgrade to these errata packages, which contain a backported security patch that corrects this issue. Red Hat would like to thank Paul Starzetz from ISEC for disclosing this issue as well as Andrea Arcangeli and Solar Designer for working on the patch. last seen 2020-06-01 modified 2020-06-02 plugin id 12444 published 2004-07-06 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/12444 title RHEL 2.1 : kernel (RHSA-2003:419) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-442.NASL description Several security related problems have been fixed in the Linux kernel 2.4.17 used for the S/390 architecture, mostly by backporting fixes from 2.4.18 and incorporating recent security fixes. The corrections are listed below with the identification from the Common Vulnerabilities and Exposures (CVE) project : - CVE-2002-0429 : The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a binary compatibility interface (lcall). - CAN-2003-0001 : Multiple ethernet network interface card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak. - CAN-2003-0244 : The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain. - CAN-2003-0246 : The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports. - CAN-2003-0247 : A vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ( last seen 2020-06-01 modified 2020-06-02 plugin id 15279 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/15279 title Debian DSA-442-1 : linux-kernel-2.4.17-s390 - several vulnerabilities NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2004-008-01.NASL description New kernels are available for Slackware 8.1 containing a backported fix from a bounds-checking problem in the kernel last seen 2020-06-01 modified 2020-06-02 plugin id 18786 published 2005-07-13 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/18786 title Slackware 8.1 : Slackware 8.1 kernel security update (SSA:2004-008-01) NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2004-006-01.NASL description New kernels are available for Slackware 9.0, 9.1 and -current. The 9.1 and -current kernels have been upgraded to 2.4.24, and a fix has been backported to the 2.4.21 kernels in Slackware 9.0 to fix a bounds-checking problem in the kernel last seen 2020-06-01 modified 2020-06-02 plugin id 18795 published 2005-07-13 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/18795 title Slackware 9.0 / 9.1 / current : Kernel security update (SSA:2004-006-01) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-413.NASL description Paul Starzetz discovered a flaw in bounds checking in mremap() in the Linux kernel (present in version 2.4.x and 2.6.x) which may allow a local attacker to gain root privileges. Version 2.2 is not affected by this bug, since it doesn last seen 2020-06-01 modified 2020-06-02 plugin id 15250 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15250 title Debian DSA-413-2 : linux-kernel-2.4.18 - missing boundary check NASL family Debian Local Security Checks NASL id DEBIAN_DSA-417.NASL description Paul Starzetz discovered a flaw in bounds checking in mremap() in the Linux kernel (present in version 2.4.x and 2.6.x) which may allow a local attacker to gain root privileges. Version 2.2 is not affected by this bug. Andrew Morton discovered a missing boundary check for the brk system call which can be used to craft a local root exploit. last seen 2020-06-01 modified 2020-06-02 plugin id 15254 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15254 title Debian DSA-417-1 : linux-kernel-2.4.18-powerpc+alpha - missing boundary check NASL family Fedora Local Security Checks NASL id FEDORA_2003-046.NASL description Paul Starzetz discovered a flaw in bounds checking in mremap() in the Linux kernel versions 2.4.23 and previous which may allow a local attacker to gain root privileges. No exploit is currently available; however, it is believed that this issue is exploitable (although not trivially.) The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0985 to this issue. All users are advised to upgrade to these errata packages, which contain a backported security patch that corrects this issue. Red Hat would like to thank Paul Starzetz from ISEC for disclosing this issue as well as Andrea Arcangeli and Solar Designer for working on the patch. These packages also contain a fix for a minor information leak in the real time clock (rtc) routines. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0984 to this issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 13669 published 2004-07-23 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/13669 title Fedora Core 1 : kernel-2.4.22-1.2138.nptl (2003-046) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-470.NASL description Several local root exploits have been discovered recently in the Linux kernel. This security advisory updates the hppa kernel 2.4.17 for Debian GNU/Linux. The Common Vulnerabilities and Exposures project identifies the following problems that are fixed with this update : - CAN-2003-0961 : An integer overflow in brk() system call (do_brk() function) for Linux allows a local attacker to gain root privileges. Fixed upstream in Linux 2.4.23. - CAN-2003-0985 : Paul Starzetz discovered a flaw in bounds checking in mremap() in the Linux kernel (present in version 2.4.x and 2.6.x) which may allow a local attacker to gain root privileges. Version 2.2 is not affected by this bug. Fixed upstream in Linux 2.4.24. - CAN-2004-0077 : Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical security vulnerability in the memory management code of Linux inside the mremap(2) system call. Due to missing function return value check of internal functions a local attacker can gain root privileges. Fixed upstream in Linux 2.4.25 and 2.6.3. last seen 2020-06-01 modified 2020-06-02 plugin id 15307 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/15307 title Debian DSA-470-1 : linux-kernel-2.4.17-hppa - several vulnerabilities NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2004-049-01.NASL description New kernels are available for Slackware 9.1 and -current to fix a bounds-checking problem in the kernel last seen 2020-06-01 modified 2020-06-02 plugin id 18789 published 2005-07-13 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/18789 title Slackware 9.1 / current : Kernel security update (SSA:2004-049-01) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-440.NASL description Several local root exploits have been discovered recently in the Linux kernel. This security advisory updates the PowerPC/Apus kernel for Debian GNU/Linux. The Common Vulnerabilities and Exposures project identifies the following problems that are fixed with this update : - CAN-2003-0961 : An integer overflow in brk() system call (do_brk() function) for Linux allows a local attacker to gain root privileges. Fixed upstream in Linux 2.4.23. - CAN-2003-0985 : Paul Starzetz discovered a flaw in bounds checking in mremap() in the Linux kernel (present in version 2.4.x and 2.6.x) which may allow a local attacker to gain root privileges. Version 2.2 is not affected by this bug. Fixed upstream in Linux 2.4.24. - CAN-2004-0077 : Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical security vulnerability in the memory management code of Linux inside the mremap(2) system call. Due to missing function return value check of internal functions a local attacker can gain root privileges. Fixed upstream in Linux 2.4.25 and 2.6.3. last seen 2020-06-01 modified 2020-06-02 plugin id 15277 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/15277 title Debian DSA-440-1 : linux-kernel-2.4.17-powerpc-apus - several vulnerabilities NASL family Debian Local Security Checks NASL id DEBIAN_DSA-439.NASL description Several local root exploits have been discovered recently in the Linux kernel. This security advisory updates the ARM kernel for Debian GNU/Linux. The Common Vulnerabilities and Exposures project identifies the following problems that are fixed with this update : - CAN-2003-0961 : An integer overflow in brk() system call (do_brk() function) for Linux allows a local attacker to gain root privileges. Fixed upstream in Linux 2.4.23. - CAN-2003-0985 : Paul Starzetz discovered a flaw in bounds checking in mremap() in the Linux kernel (present in version 2.4.x and 2.6.x) which may allow a local attacker to gain root privileges. Version 2.2 is not affected by this bug. Fixed upstream in Linux 2.4.24. - CAN-2004-0077 : Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical security vulnerability in the memory management code of Linux inside the mremap(2) system call. Due to missing function return value check of internal functions a local attacker can gain root privileges. Fixed upstream in Linux 2.4.25 and 2.6.3. last seen 2020-06-01 modified 2020-06-02 plugin id 15276 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/15276 title Debian DSA-439-1 : linux-kernel-2.4.16-arm - several vulnerabilities NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2004-001.NASL description A flaw in bounds checking in mremap() in the Linux kernel versions 2.4.23 and previous was discovered by Paul Starzetz. This flaw may be used to allow a local attacker to obtain root privilege. Another minor information leak in the RTC (real time clock) routines was fixed as well. All Mandrake Linux users are encouraged to upgrade to these packages immediately. To update your kernel, please follow the directions located at : http://www.mandrakesecure.net/en/kernelupdate.php Mandrake Linux 9.1 and 9.2 users should upgrade the initscripts (9.1) and bootloader-utils (9.2) packages prior to upgrading the kernel as they contain a fixed installkernel script that fixes instances where the loop module was not being loaded and would cause mkinitrd to fail. Users requiring commercial NVIDIA drivers can find drivers for Mandrake Linux 9.2 at MandrakeClub. last seen 2020-06-01 modified 2020-06-02 plugin id 14101 published 2004-07-31 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/14101 title Mandrake Linux Security Advisory : kernel (MDKSA-2004:001) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2003-416.NASL description Updated kernel packages are now available that fix a security vulnerability which may allow local users to gain root privileges. The Linux kernel handles the basic functions of the operating system. Paul Starzetz discovered a flaw in bounds checking in mremap() in the Linux kernel versions 2.4.23 and previous which may allow a local attacker to gain root privileges. No exploit is currently available; however, it is believed that this issue is exploitable (although not trivially.) The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0985 to this issue. All users of Red Hat Enterprise Linux 3 are advised to upgrade to these errata packages, which contain a backported security patch that corrects this issue. Red Hat would like to thank Paul Starzetz from ISEC for disclosing this issue as well as Andrea Arcangeli and Solar Designer for working on the patch. last seen 2020-06-01 modified 2020-06-02 plugin id 12443 published 2004-07-06 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/12443 title RHEL 3 : kernel (RHSA-2003:416) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-423.NASL description The IA-64 maintainers fixed several security related bugs in the Linux kernel 2.4.17 used for the IA-64 architecture, mostly by backporting fixes from 2.4.18. The corrections are listed below with the identification from the Common Vulnerabilities and Exposures (CVE) project : - CAN-2003-0001 : Multiple ethernet network interface card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak. - CAN-2003-0018 : Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows local attackers with write privileges to read portions of previously deleted files, or cause file system corruption. - CAN-2003-0127 : The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process which is spawned by the kernel. - CAN-2003-0461 : The virtual file /proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords. - CAN-2003-0462 : A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash). - CAN-2003-0476 : The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors. - CAN-2003-0501 : The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries. - CAN-2003-0550 : The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology. - CAN-2003-0551 : The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service. - CAN-2003-0552 : Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target. - CAN-2003-0961 : An integer overflow in brk system call (do_brk function) for Linux kernel 2.4.22 and earlier allows local users to gain root privileges. - CAN-2003-0985 : The mremap system call (do_mremap) in Linux kernel 2.4 and 2.6 does not properly perform boundary checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA. last seen 2020-06-01 modified 2020-06-02 plugin id 15260 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15260 title Debian DSA-423-1 : linux-kernel-2.4.17-ia64 - several vulnerabilities NASL family Debian Local Security Checks NASL id DEBIAN_DSA-427.NASL description Paul Starzetz discovered a flaw in bounds checking in mremap() in the Linux kernel (present in version 2.4.x and 2.6.x) which may allow a local attacker to gain root privileges. Version 2.2 is not affected by this bug. last seen 2020-06-01 modified 2020-06-02 plugin id 15264 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15264 title Debian DSA-427-1 : linux-kernel-2.4.17-mips+mipsel - missing boundary check NASL family Debian Local Security Checks NASL id DEBIAN_DSA-475.NASL description Several local root exploits have been discovered recently in the Linux kernel. This security advisory updates the PA-RISC kernel 2.4.18 for Debian GNU/Linux. The Common Vulnerabilities and Exposures project identifies the following problems that are fixed with this update : - CAN-2003-0961 : An integer overflow in brk() system call (do_brk() function) for Linux allows a local attacker to gain root privileges. Fixed upstream in Linux 2.4.23. - CAN-2003-0985 : Paul Starzetz discovered a flaw in bounds checking in mremap() in the Linux kernel (present in version 2.4.x and 2.6.x) which may allow a local attacker to gain root privileges. Version 2.2 is not affected by this bug. Fixed upstream in Linux 2.4.24. - CAN-2004-0077 : Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical security vulnerability in the memory management code of Linux inside the mremap(2) system call. Due to missing function return value check of internal functions a local attacker can gain root privileges. Fixed upstream in Linux 2.4.25 and 2.6.3. Please note that the source package has to include a lot of updates in order to compile the package, which wasn last seen 2020-06-01 modified 2020-06-02 plugin id 15312 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/15312 title Debian DSA-475-1 : linux-kernel-2.4.18-hppa - several vulnerabilities
Oval
accepted 2007-04-25T19:53:02.810-04:00 class vulnerability contributors name Jay Beale organization Bastille Linux name Matt Busby organization The MITRE Corporation name Thomas R. Jones organization Maitreya Security
description The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077. family unix id oval:org.mitre.oval:def:860 status accepted submitted 2004-03-20T12:00:00.000-04:00 title Red Hat Linux Kernel do_mremap Denial of Service Vulnerability version 40 accepted 2007-04-25T19:53:04.347-04:00 class vulnerability contributors name Matt Busby organization The MITRE Corporation name Matt Busby organization The MITRE Corporation name Thomas R. Jones organization Maitreya Security
description The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077. family unix id oval:org.mitre.oval:def:867 status accepted submitted 2004-03-20T12:00:00.000-04:00 title Red Hat Enterprise 3 Linux Kernel do_mremap Denial of Service Vulnerability version 39
Redhat
advisories |
| ||||||||||||||||
rpms |
|
References
- ftp://patches.sgi.com/support/free/security/advisories/20040102-01-U
- ftp://patches.sgi.com/support/free/security/advisories/20040102-01-U
- http://archives.neohapsis.com/archives/bugtraq/2004-01/0070.html
- http://archives.neohapsis.com/archives/bugtraq/2004-01/0070.html
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000799
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000799
- http://download.immunix.org/ImmunixOS/7.3/updates/IMNX-2004-73-001-01
- http://download.immunix.org/ImmunixOS/7.3/updates/IMNX-2004-73-001-01
- http://isec.pl/vulnerabilities/isec-0013-mremap.txt
- http://isec.pl/vulnerabilities/isec-0013-mremap.txt
- http://klecker.debian.org/~joey/security/kernel/patches/patch.CAN-2005-0528.mremap
- http://klecker.debian.org/~joey/security/kernel/patches/patch.CAN-2005-0528.mremap
- http://marc.info/?l=bugtraq&m=107332754521495&w=2
- http://marc.info/?l=bugtraq&m=107332754521495&w=2
- http://marc.info/?l=bugtraq&m=107332782121916&w=2
- http://marc.info/?l=bugtraq&m=107332782121916&w=2
- http://marc.info/?l=bugtraq&m=107340358402129&w=2
- http://marc.info/?l=bugtraq&m=107340358402129&w=2
- http://marc.info/?l=bugtraq&m=107340814409017&w=2
- http://marc.info/?l=bugtraq&m=107340814409017&w=2
- http://marc.info/?l=bugtraq&m=107350348418373&w=2
- http://marc.info/?l=bugtraq&m=107350348418373&w=2
- http://marc.info/?l=bugtraq&m=107394143105081&w=2
- http://marc.info/?l=bugtraq&m=107394143105081&w=2
- http://secunia.com/advisories/10532
- http://secunia.com/advisories/10532
- http://secunia.com/advisories/20163
- http://secunia.com/advisories/20163
- http://secunia.com/advisories/20202
- http://secunia.com/advisories/20202
- http://secunia.com/advisories/20338
- http://secunia.com/advisories/20338
- http://svn.debian.org/wsvn/kernel/patch-tracking/CVE-2005-0528?op=file&rev=0&sc=0
- http://svn.debian.org/wsvn/kernel/patch-tracking/CVE-2005-0528?op=file&rev=0&sc=0
- http://www.ciac.org/ciac/bulletins/o-045.shtml
- http://www.ciac.org/ciac/bulletins/o-045.shtml
- http://www.debian.org/security/2004/dsa-413
- http://www.debian.org/security/2004/dsa-413
- http://www.debian.org/security/2004/dsa-417
- http://www.debian.org/security/2004/dsa-417
- http://www.debian.org/security/2004/dsa-423
- http://www.debian.org/security/2004/dsa-423
- http://www.debian.org/security/2004/dsa-427
- http://www.debian.org/security/2004/dsa-427
- http://www.debian.org/security/2004/dsa-439
- http://www.debian.org/security/2004/dsa-439
- http://www.debian.org/security/2004/dsa-440
- http://www.debian.org/security/2004/dsa-440
- http://www.debian.org/security/2004/dsa-442
- http://www.debian.org/security/2004/dsa-442
- http://www.debian.org/security/2004/dsa-450
- http://www.debian.org/security/2004/dsa-450
- http://www.debian.org/security/2004/dsa-470
- http://www.debian.org/security/2004/dsa-470
- http://www.debian.org/security/2004/dsa-475
- http://www.debian.org/security/2004/dsa-475
- http://www.debian.org/security/2006/dsa-1067
- http://www.debian.org/security/2006/dsa-1067
- http://www.debian.org/security/2006/dsa-1069
- http://www.debian.org/security/2006/dsa-1069
- http://www.debian.org/security/2006/dsa-1070
- http://www.debian.org/security/2006/dsa-1070
- http://www.debian.org/security/2006/dsa-1082
- http://www.debian.org/security/2006/dsa-1082
- http://www.kb.cert.org/vuls/id/490620
- http://www.kb.cert.org/vuls/id/490620
- http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.24
- http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.24
- http://www.linuxsecurity.com/advisories/engarde_advisory-3904.html
- http://www.linuxsecurity.com/advisories/engarde_advisory-3904.html
- http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:001
- http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:001
- http://www.novell.com/linux/security/advisories/2004_03_linux_kernel.html
- http://www.novell.com/linux/security/advisories/2004_03_linux_kernel.html
- http://www.osvdb.org/3315
- http://www.osvdb.org/3315
- http://www.redhat.com/support/errata/RHSA-2003-416.html
- http://www.redhat.com/support/errata/RHSA-2003-416.html
- http://www.redhat.com/support/errata/RHSA-2003-417.html
- http://www.redhat.com/support/errata/RHSA-2003-417.html
- http://www.redhat.com/support/errata/RHSA-2003-418.html
- http://www.redhat.com/support/errata/RHSA-2003-418.html
- http://www.redhat.com/support/errata/RHSA-2003-419.html
- http://www.redhat.com/support/errata/RHSA-2003-419.html
- http://www.securityfocus.com/bid/9356
- http://www.securityfocus.com/bid/9356
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14135
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14135
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A860
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A860
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A867
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A867