Vulnerability in Conectiva Linux
CVE-2004-0497
Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
EPSS: 0.008 (51.8th percentile) — read the EPSS interpretation.
Affected products
- Conectiva Linux — versions 10
- Gentoo Linux
- Linux Linux_kernel — versions 2.0
- Mandrakesoft Mandrake_linux — versions 9.1, 9.2, 10.0
- Mandrakesoft Mandrake_linux_corporate_server — versions 2.1
- Mandrakesoft Mandrake_multi_network_firewall — versions 8.2
- Trustix Secure_linux — versions 2, 2.0, 2.1
- Redhat Enterprise_linux — versions 2.1, 3.0
- Suse Suse_linux — versions 8.0, 8.1, 8.2
- N/a — versions n/a
Public proof-of-concept exploits
References
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory, Patch, Vendor Advisory)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
- cve@mitre.org (vendor-advisory, Patch, x_refsource_MANDRAKE, Vendor Advisory)
- cve@mitre.org (vendor-advisory, Patch, x_refsource_CONECTIVA, Vendor Advisory)
- cve@mitre.org (vendor-advisory, x_refsource_SUSE)
Frequently asked questions
- What is CVE-2004-0497?
- CVE-2004-0497 is a vulnerability in Conectiva Linux. Published 2004-12-06.
- Is CVE-2004-0497 known to be exploited?
- 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.