CVE-2004-2392

6 documents5 sources

Severity

5.0MEDIUM

EPSS

1.0%

top 23.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mandrakesoft Mandrake Linux Mandrakesoft Mandrake Linux Corporate Server

Timeline

PublishedDec 31

Latest updateApr 29

Description

libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDmandrakesoft/mandrake_linux10.0, 9.1, 9.2+2

▶NVDmandrakesoft/mandrake_linux_corporate_server2.1

Patches

Patch: www.mandriva.com ↗Patch: www.securityfocus.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-gcfp-8ccc-4pp3: libuser 0↗2022-04-29

▶

CVEList

CVE-2004-2392: libuser 0↗2005-08-17

▶

📋Vendor Advisories

Red Hat

security flaw↗2004-04-06

▶

💬Community

Bugzilla

CVE-2004-2392 security flaw↗2018-08-16

▶

Bugzilla

CVE-2004-2392 libuser serious programming bugs↗2005-10-22

▶