CVE: CAN-2004-0109
Updated: Tue, 06 Jul 2004 14:04:19 +0900
Summary: zen-parse discovered a buffer overflow vulnerability in the ISO9660
         filesystem component of Linux kernel which could be abused by an 
	 attacker to gain unauthorised root access. Sebastian Krahmer and 
	 Ernie Petrides developed a correction for this. (text:DSA-479)
Priority: High
Status: Closed
Source: FEDORA-2004-111, DSA-479, RHSA-2004:166-08, RHSA-2004:183-03
Link:  http://www.ultramonkey.org/news_archive.shtml#2004042200
       http://www.ultramonkey.org/news_archive.shtml#2004041600
Resolved In:
  Kernel: 2.4.26-rc4
  Patch: http://linux.bkbits.net:8080/linux-2.4/cset@1.1358??index.html
  Red Hat Linux 7.3:
         Vendor:      None
         UltraMonkey: kernel-2.4.20-28.7.3.um.3
  Red Hat Linux 8.0:
         Vendor:      None
         UltraMonkey: kernel-2.4.20-28.8.um.3
  Red Hat Linux 9:
         Vendor:      kernel-2.4.20-31.9
         UltraMonkey: kernel-2.4.20-30.9.um.2
  Fedora Core 1:
         Vendor:      kernel-1.2188.nptl
         UltraMonkey: kernel-2.4.22-1.2179.nptl.um.1
  Red Hat Enterprise Linux 3:
         Vendor:      kernel-2.4.21-9.0.3.EL
         UltraMonkey: kernel-2.4.21-9.0.1.EL.um.2
  Debian Woody:
         Vendor:      kernel-source-2.4.18_2.4.18-14.3
         UltraMonkey: kernel-source-2.4.22-1-ipvs_2.4.22-7woody.um.1
  Debian Sid:
         Vendor:      kernel-source-2.4.25_2.4.25-2
         UltraMonkey: kernel-source-2.4.22-1-ipvs_2.4.22-7.um.1