CVE: CAN-2004-0497
Updated: Tue, 06 Jul 2004 13:34:38 +0900
Summary: Missing check for fsuid in sys_chown().
         fsuid is set by the privelaged sytem call sys_setfsuid().
	 fsuid was added for, and is generally only used by the
	 Linux user space NFS daemons. Clients of this daemon
	 can potentially expolit this vulnerability to make
	 unauthorised changes to the ownership of files on a
	 remote system. (text: Horms and Minoura Makoto)
Priority: High
Status: Closed
Source: FEDORA-2004-206, RHSA-2004:360-05
Link: http://www.ultramonkey.org/news_archive.shtml#2004070600
Resolved In:
  Kernel: 2.4.27-rc3
  Patch:  http://linux.bkbits.net:8080/linux-2.4/cset@1.1467??nav=index.html
          http://linux.bkbits.net:8080/linux-2.4/cset@1.1469??nav=index.html
  Red Hat Linux 7.3:
         Vendor:      None (EOL)
         UltraMonkey: kernel-2.4.20-31.9.um.2
  Red Hat Linux 8.0:
         Vendor:      None (EOL)
         UltraMonkey: kernel-2.4.20-31.9.um.2
  Red Hat Linux 9:
         Vendor:      None (EOL)
         UltraMonkey: kernel-2.4.20-31.9.um.2
  Fedora Core 1:
         Vendor:      kernel-2.4.22-1.2197.nptl
         UltraMonkey: kernel-2.4.22-1.2197.nptl.um.1
  Red Hat Enterprise Linux 3:
         Vendor:      kernel-2.4.21-15.0.3.EL
         UltraMonkey: kernel-2.4.21-15.0.3.EL.um.1
  Debian Woody:
         Vendor:      None
         UltraMonkey: kernel-image-2.4.22-1-ipvs_2.4.22-7-7woody.um.5
  Debian Sid:
         Vendor:      None
         UltraMonkey: kernel-image-2.4.22-1-ipvs_2.4.22-7-7.um.5