CVE-2004-0816

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2004-0816
Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://secunia.com/advisories/11202/ Broken Link
http://www.mandriva.com/security/advisories?name=MDKSA-2005:022 Broken Link
http://www.novell.com/linux/security/advisories/2004_37_kernel.html Broken Link
http://www.securityfocus.com/bid/11488 Broken Link Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/17800 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
History

08 Feb 2024, 15:28

Type Values Removed Values Added
CVSS v2 : 5.0
v3 : unknown 		v2 : 5.0
v3 : 7.5
CWE NVD-CWE-Other CWE-191
References () http://secunia.com/advisories/11202/ - () http://secunia.com/advisories/11202/ - Broken Link
References () http://www.mandriva.com/security/advisories?name=MDKSA-2005:022 - () http://www.mandriva.com/security/advisories?name=MDKSA-2005:022 - Broken Link
References () http://www.novell.com/linux/security/advisories/2004_37_kernel.html - () http://www.novell.com/linux/security/advisories/2004_37_kernel.html - Broken Link
References () http://www.securityfocus.com/bid/11488 - () http://www.securityfocus.com/bid/11488 - Broken Link, Third Party Advisory, VDB Entry
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/17800 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/17800 - Third Party Advisory, VDB Entry
CPE cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*		 cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Information

Published : 2004-12-23 05:00

Updated : 2024-02-08 15:28

NVD link : CVE-2004-0816

Mitre link : CVE-2004-0816

CVE.ORG link : CVE-2004-0816

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-191

Integer Underflow (Wrap or Wraparound)