Vulnerabilities > CVE-2004-0834
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 7 | |
Application | 1 | |
OS | 13 | |
OS | 1 |
Nessus
NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2004-130.NASL description The Speedtouch USB driver contains a number of format string vulnerabilities due to improperly made syslog() system calls. These vulnerabilities can be abused by a local user to potentially allow the execution of arbitrary code with elevated privileges. The updated packages have been patched to prevent this problem. last seen 2020-06-01 modified 2020-06-02 plugin id 15698 published 2004-11-13 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15698 title Mandrake Linux Security Advisory : speedtouch (MDKSA-2004:130) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200411-04.NASL description The remote host is affected by the vulnerability described in GLSA-200411-04 (Speedtouch USB driver: Privilege escalation vulnerability) The Speedtouch USB driver contains multiple format string vulnerabilities in modem_run, pppoa2 and pppoa3. This flaw is due to an improperly made syslog() system call. Impact : A malicious local user could exploit this vulnerability by causing a buffer overflow, and potentially allowing the execution of arbitrary code with escalated privileges. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 15607 published 2004-11-02 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15607 title GLSA-200411-04 : Speedtouch USB driver: Privilege escalation vulnerability