CVE-2004-0946

Published: Jan 10, 2005Modified: Apr 16, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based buffer overflow and allows remote attackers to execute arbitrary code via a crafted NFS request.

Affected (10)

Products: Nfs: Nfs Utils · Redhat: Enterprise Linux, Enterprise Linux Desktop

1 product

2 products

Enterprise Linux

Enterprise Linux Desktop

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Nfs Nfs Utils	Version 1.0.1
Nfs Nfs Utils	Version 1.0.2
Nfs Nfs Utils	Version 1.0.3
Nfs Nfs Utils	Version 1.0.4
Nfs Nfs Utils	Version 1.0.6
Nfs Nfs Utils	Version 1.0

Configuration B

4 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 3.0
Redhat Enterprise Linux	Version 3.0
Redhat Enterprise Linux	Version 3.0
Redhat Enterprise Linux Desktop	Version 3.0

References (22)

http://bugs.gentoo.org/show_bug.cgi?id=72113

Source: cve@mitre.org

http://secunia.com/advisories/13440/

Source: cve@mitre.org

http://www.gentoo.org/security/en/glsa/glsa-200412-08.xml

Source: cve@mitre.org

PatchVendor Advisory

http://www.kb.cert.org/vuls/id/698302

Source: cve@mitre.org

US Government Resource

http://www.mandriva.com/security/advisories?name=MDKSA-2005:005

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2004-583.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-014.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/426072/30/6740/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/11911

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/18455

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10464

Source: cve@mitre.org

http://bugs.gentoo.org/show_bug.cgi?id=72113

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/13440/

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.gentoo.org/security/en/glsa/glsa-200412-08.xml

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.kb.cert.org/vuls/id/698302

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.mandriva.com/security/advisories?name=MDKSA-2005:005

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2004-583.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-014.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/426072/30/6740/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/11911

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/18455

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10464

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.