CVE-2004-0946
published 2005-01-10CVE-2004-0946: rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based…
PriorityP347critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
11.30%
95.4th percentile
rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based buffer overflow and allows remote attackers to execute arbitrary code via a crafted NFS request.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | nfs-utils | — | — |
| nfs | nfs-utils | — | — |
| nfs | nfs-utils | — | — |
| nfs | nfs-utils | — | — |
| nfs | nfs-utils | — | — |
| nfs | nfs-utils | — | — |
| nfs | nfs-utils | — | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux_desktop | — | — |
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_debian10.0LOW
vendor_redhat10.0CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
security flaw
vendor_redhat·2004-11-22·CVSS 10.0
CVE-2004-0946 [CRITICAL] security flaw
security flaw
rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based buffer overflow and allows remote attackers to execute arbitrary code via a crafted NFS request.
Debian
CVE-2004-0946: nfs-utils - rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit architectures d...
vendor_debian·2004·CVSS 10.0
CVE-2004-0946 [CRITICAL] CVE-2004-0946: nfs-utils - rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit architectures d...
rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based buffer overflow and allows remote attackers to execute arbitrary code via a crafted NFS request.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
GHSA
GHSA-wq89-rrp5-4864: rquotad in nfs-utils (rquota_server
ghsa_unreviewed·2022-04-29
CVE-2004-0946 [HIGH] GHSA-wq89-rrp5-4864: rquotad in nfs-utils (rquota_server
rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based buffer overflow and allows remote attackers to execute arbitrary code via a crafted NFS request.
No detection rules found.
No public exploits indexed.
http://bugs.gentoo.org/show_bug.cgi?id=72113http://secunia.com/advisories/13440/http://www.gentoo.org/security/en/glsa/glsa-200412-08.xmlhttp://www.kb.cert.org/vuls/id/698302http://www.mandriva.com/security/advisories?name=MDKSA-2005:005http://www.redhat.com/support/errata/RHSA-2004-583.htmlhttp://www.redhat.com/support/errata/RHSA-2005-014.htmlhttp://www.securityfocus.com/archive/1/426072/30/6740/threadedhttp://www.securityfocus.com/bid/11911https://exchange.xforce.ibmcloud.com/vulnerabilities/18455https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10464http://bugs.gentoo.org/show_bug.cgi?id=72113http://secunia.com/advisories/13440/http://www.gentoo.org/security/en/glsa/glsa-200412-08.xmlhttp://www.kb.cert.org/vuls/id/698302http://www.mandriva.com/security/advisories?name=MDKSA-2005:005http://www.redhat.com/support/errata/RHSA-2004-583.htmlhttp://www.redhat.com/support/errata/RHSA-2005-014.htmlhttp://www.securityfocus.com/archive/1/426072/30/6740/threadedhttp://www.securityfocus.com/bid/11911https://exchange.xforce.ibmcloud.com/vulnerabilities/18455https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10464
2005-01-10
Published