CVE-2004-0181 - The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written t

CVE-2004-0181

Summary

The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the JFS file system, which allows local users to obtain sensitive information by reading the raw device.

References

Vulnerable Configurations

cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*

CVSS

Base:	2.1 (as of 11-10-2017 - 01:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:N/A:N

oval via4

accepted

2013-04-29T04:04:42.594-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 3
oval oval:org.mitre.oval:def:11782
comment CentOS Linux 3.x
oval oval:org.mitre.oval:def:16651

description

family

unix

oval:org.mitre.oval:def:10329

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

version

redhat via4

advisories

rhsa
id RHSA-2004:504
rhsa
id RHSA-2005:663

rpms

kernel-0:2.4.21-37.EL
kernel-BOOT-0:2.4.21-37.EL
kernel-debuginfo-0:2.4.21-37.EL
kernel-doc-0:2.4.21-37.EL
kernel-hugemem-0:2.4.21-37.EL
kernel-hugemem-unsupported-0:2.4.21-37.EL
kernel-smp-0:2.4.21-37.EL
kernel-smp-unsupported-0:2.4.21-37.EL
kernel-source-0:2.4.21-37.EL
kernel-unsupported-0:2.4.21-37.EL

refmap via4

bid	10143
engarde	ESA-20040428-004
gentoo	GLSA-200407-02
mandrake	MDKSA-2004:029
secunia	17002
trustix	2004-0020
turbo	TLSA-2004-14
vupen	ADV-2005-1878
xf	linux-jfs-info-disclosure(15902)

Last major update

11-10-2017 - 01:29

Published

01-06-2004 - 04:00

Last modified

11-10-2017 - 01:29