CVE-2005-0504

critical

Description

Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9770

http://www.vupen.com/english/advisories/2005/1878

http://www.ubuntu.com/usn/usn-508-1

http://www.securityfocus.com/bid/12195

http://www.redhat.com/support/errata/RHSA-2008-0237.html

http://www.redhat.com/support/errata/RHSA-2005-663.html

http://www.redhat.com/support/errata/RHSA-2005-551.html

http://www.redhat.com/support/errata/RHSA-2005-529.html

http://www.debian.org/security/2006/dsa-1082

http://www.debian.org/security/2006/dsa-1070

http://www.debian.org/security/2006/dsa-1069

http://www.debian.org/security/2006/dsa-1067

http://securitytracker.com/id?1013273

http://secunia.com/advisories/30112

http://secunia.com/advisories/26651

http://secunia.com/advisories/20338

http://secunia.com/advisories/20202

http://secunia.com/advisories/20163

http://secunia.com/advisories/17002

http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030660.html

http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22

Details

Source: Mitre, NVD

Published: 2005-03-14

Updated: 2017-10-11

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

Detections

Analytics