CVE-2004-2698
published 2004-12-31CVE-2004-2698: Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k option, allows local users to cause a denial of service (IMWheel crash) and possibly…
PriorityP415medium6.9CVSS 2.0
AVLACMAuNCCICAC
EXPLOIT
EPSS
0.47%
37.0th percentile
Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k option, allows local users to cause a denial of service (IMWheel crash) and possibly modify arbitrary files via a symlink attack on the imwheel.pid file.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | imwheel | < imwheel 1.0.0pre12-1 (bookworm) | imwheel 1.0.0pre12-1 (bookworm) |
| imwheel | imwheel | <= 1.0.0pre11 | — |
| imwheel | imwheel | >= 0 < 1.0.0pre12-1 | 1.0.0pre12-1 |
| imwheel | imwheel | >= 0 < 1.0.0pre12-1 | 1.0.0pre12-1 |
| imwheel | imwheel | >= 0 < 1.0.0pre12-1 | 1.0.0pre12-1 |
| imwheel | imwheel | >= 0 < 1.0.0pre12-1 | 1.0.0pre12-1 |
CVSS provenance
nvdv2.06.9MEDIUMAV:L/AC:M/Au:N/C:C/I:C/A:C
osv6.9MEDIUM
vendor_debian6.9MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2004-2698: imwheel - Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k optio...
vendor_debian·2004·CVSS 6.9
CVE-2004-2698 [MEDIUM] CVE-2004-2698: imwheel - Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k optio...
Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k option, allows local users to cause a denial of service (IMWheel crash) and possibly modify arbitrary files via a symlink attack on the imwheel.pid file.
Scope: local
bookworm: resolved (fixed in 1.0.0pre12-1)
bullseye: resolved (fixed in 1.0.0pre12-1)
forky: resolved (fixed in 1.0.0pre12-1)
sid: resolved (fixed in 1.0.0pre12-1)
trixie: resolved (fixed in 1.0.0pre12-1)
GHSA
GHSA-64gr-p8q7-hc37: Race condition in IMWheel 1
ghsa_unreviewed·2022-04-29
CVE-2004-2698 [MEDIUM] CWE-362 GHSA-64gr-p8q7-hc37: Race condition in IMWheel 1
Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k option, allows local users to cause a denial of service (IMWheel crash) and possibly modify arbitrary files via a symlink attack on the imwheel.pid file.
OSV
CVE-2004-2698: Race condition in IMWheel 1
osv·2004-12-31·CVSS 6.9
CVE-2004-2698 [MEDIUM] CVE-2004-2698: Race condition in IMWheel 1
Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k option, allows local users to cause a denial of service (IMWheel crash) and possibly modify arbitrary files via a symlink attack on the imwheel.pid file.
No detection rules found.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0914.htmlhttp://imwheel.sourceforge.net/files/DEVELOPMENT.txthttp://secunia.com/advisories/12349http://securitytracker.com/id?1011049http://www.caughq.org/advisories/CAU-2004-0002.txthttp://www.osvdb.org/9111http://www.securityfocus.com/bid/11008https://exchange.xforce.ibmcloud.com/vulnerabilities/17082http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0914.htmlhttp://imwheel.sourceforge.net/files/DEVELOPMENT.txthttp://secunia.com/advisories/12349http://securitytracker.com/id?1011049http://www.caughq.org/advisories/CAU-2004-0002.txthttp://www.osvdb.org/9111http://www.securityfocus.com/bid/11008https://exchange.xforce.ibmcloud.com/vulnerabilities/17082
2004-12-31
Published