CVE: CAN-2004-0587
Updated: Thu, 12 Aug 2004 11:00:32 +0900
Summary: Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in
         Linux allows local users to cause a denial of service.
	 (text:CAN-2004-587)
Priority: Low
Status: Closed
Source: FEDORA-2004-186, RHSA-2004:413-01
Link: http://www.ultramonkey.org/news_archive.shtml#2004062601
Resolved In:
  Kernel: Not in mainline kernel
  Patch:  
  Red Hat Linux 7.3:
         Vendor:      None (EOL)
         UltraMonkey: kernel-2.4.20-31.9.um.1
  Red Hat Linux 8.0:
         Vendor:      None (EOL)
         UltraMonkey: kernel-2.4.20-31.9.um.1
  Red Hat Linux 9:
         Vendor:      None (EOL)
         UltraMonkey: kernel-2.4.20-31.9.um.1
  Fedora Core 1:
         Vendor:      kernel-2.4.22-1.2194.nptl
         UltraMonkey: kernel-2.4.22-1.2194.nptl.um.1
  Red Hat Enterprise Linux 3:
         Vendor:      kernel-2.4.21-15.0.4.EL
         UltraMonkey: kernel-2.4.21-15.0.2.EL.um.1
  Debian Woody:
         Vendor:      Not Vulnerable
         UltraMonkey: Not Vulnerable
  Debian Sid:
         Vendor:      Not Vulnerable
         UltraMonkey: Not Vulnerable
  Note:  Fix proc_mknod(APIDEV_NODE,... call in qla2x00.c to use mode 600