CVE-2004-1337: CVE-2004-1337

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2004-1337

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Linux内核Capability LSM模块进程特权信任状本地权限提升漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Linux Kernel是开放源代码操作系统Linux的内核。 Linux Kernel在处理Capability模块实现时存在问题，本地攻击者可以利用这个漏洞提升权限。当特权操作由Capability LSM 模块控制时，系统基于进程信任状(creds)来仲裁特权操作。当Capability未被编译进内核时，内核使用默认的安全模块(security/dummy.c)仲裁特权操作，机制非常简单，仅仅检查进程euid、fsuid(进行文件系统相关特权操作时)是否为0。在这种情况下，dummy模块根本不关心

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2004-1337

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2004-1337

Please Login to view more intelligence information

http://www.securityfocus.com/bid/12093vdb-entryx_refsource_BID
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930vendor-advisoryx_refsource_CONECTIVA
https://exchange.xforce.ibmcloud.com/vulnerabilities/18673vdb-entryx_refsource_XF
http://marc.info/?l=bugtraq&m=110384535113035&w=2mailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2004-1337

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2004-1337

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2004-1337

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2004-1337

III. Intelligence Information for CVE-2004-1337

IV. Related Vulnerabilities

V. Comments for CVE-2004-1337

Leave a comment