![[Monkey]](/pics/monkey_wht.jpg)
| prev up next | |
| CVE | CAN-2004-0497[offsite] |
| Updated | Tue, 06 Jul 2004 13:34:38 +0900 |
| Summary | Missing check for fsuid in sys_chown(). fsuid is set by the privelaged sytem call sys_setfsuid(). fsuid was added for, and is generally only used by the Linux user space NFS daemons. Clients of this daemon can potentially expolit this vulnerability to make unauthorised changes to the ownership of files on a remote system. (text: Horms and Minoura Makoto) |
| Priority | High |
| Status | Closed |
| Source | FEDORA-2004-206 RHSA-2004:360-05 |
| Link | Ultra Monkey News 2004-07-06-00 |
| Resolved In | |
| Kernel | 2.4.27-rc3 |
| Patch | Change Set 1.1467[offsite] Change Set 1.1469[offsite] local patch |
| Red Hat Linux 7.3 | |
| Vendor | None (EOL) |
| UltraMonkey | kernel-2.4.20-31.9.um.2 |
| Red Hat Linux 8.0 | |
| Vendor | None (EOL) |
| UltraMonkey | kernel-2.4.20-31.9.um.2 |
| Red Hat Linux 9 | |
| Vendor | None (EOL) |
| UltraMonkey | kernel-2.4.20-31.9.um.2 |
| Fedora Core 1 | |
| Vendor | kernel-2.4.22-1.2197.nptl |
| UltraMonkey | kernel-2.4.22-1.2197.nptl.um.1 |
| Red Hat Enterprise Linux 3 | |
| Vendor | kernel-2.4.21-15.0.3.EL |
| UltraMonkey | kernel-2.4.21-15.0.3.EL.um.1 |
| Debian Woody | |
| Vendor | None |
| UltraMonkey | kernel-image-2.4.22-1-ipvs_2.4.22-7-7woody.um.5 |
| Debian Sid | |
| Vendor | None |
| UltraMonkey | kernel-image-2.4.22-1-ipvs_2.4.22-7-7.um.5 |
| local data for debugging. | |
| Information provided here is based on the information from the links above and is intended as a refereance only. | |
Copyright © 2000-2005,
Horms
Last Updated: Sat, 04 Mar 2006 02:34:00 -0500
Debian is a registered trademark of Software in the Public Interest, Inc.
Red Hat, the Red Hat Shadowman logo and Fedora are
registered trademarks of Red Hat, Inc.
Red Hat may also be refered to as RedHat on this site.
Linux is a registered trademark of Linus Torvalds.
All other trademarks are the property of their respective owners.