Vulnerabilities > CVE-2004-1295 - Denial-Of-Service vulnerability in Uml-Utilities 20030903

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

local

low complexity

uml-utilities

NVD

Published: 2005-01-10

Updated: 2017-07-11

Summary

The slip_down function in slip.c for the uml_net program in uml-utilities 20030903, when uml_net is installed setuid root, does not verify whether the calling user has sufficient permission to disable an interface, which allows local users to cause a denial of service (network service disabled).

Vulnerable Configurations

Part	Description	Count
Application	Uml-Utilities UML Utilities UML Utilities 2003-09-03	1

References

http://tigger.uic.edu/~jlongs2/holes/uml-utilites.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/18562