CVE-2004-0564 - OpenCVE

Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run setuid-root." Therefore this identifier applies *only* to those configurations and installations under which pppoe is run setuid root despite the developer's warnings.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:L/AC:L/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Debian	Debian Linux
Roaring Penguin	Pppoe

Configuration 1 [-]

OR	cpe:2.3:a:roaring_penguin:pppoe:3.0:::::::*
	cpe:2.3:a:roaring_penguin:pppoe:3.3:::::::*
	cpe:2.3:a:roaring_penguin:pppoe:3.5:::::::*

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:3.0:::::::*
	cpe:2.3:o:debian:debian_linux:3.0::alpha:::::
	cpe:2.3:o:debian:debian_linux:3.0::arm:::::
	cpe:2.3:o:debian:debian_linux:3.0::hppa:::::
	cpe:2.3:o:debian:debian_linux:3.0::ia-32:::::
	cpe:2.3:o:debian:debian_linux:3.0::ia-64:::::
	cpe:2.3:o:debian:debian_linux:3.0::m68k:::::
	cpe:2.3:o:debian:debian_linux:3.0::mips:::::
	cpe:2.3:o:debian:debian_linux:3.0::mipsel:::::
	cpe:2.3:o:debian:debian_linux:3.0::ppc:::::
	cpe:2.3:o:debian:debian_linux:3.0::s-390:::::
	cpe:2.3:o:debian:debian_linux:3.0::sparc:::::

References

Link	Resource
http://marc.info/?l=bugtraq&m=110247119200510&w=2
http://marc.info/?l=bugtraq&m=110253341209450&w=2
http://www.debian.org/security/2004/dsa-557	Patch Vendor Advisory
http://www.fedoralegacy.org/updates/FC1/2005-11-14-FLSA_2005_152794__Updated_rp_pppoe_package_fixes_security_issue.html
http://www.securityfocus.com/bid/11315	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17576

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2004-11-19T05:00:00

Updated: 2017-07-10T14:57:01

Reserved: 2004-06-14T00:00:00

Link: CVE-2004-0564

JSON object: View

NVD Information

Status : Modified

Published: 2004-12-23T05:00:00.000

Modified: 2017-07-11T01:30:15.777

Link: CVE-2004-0564

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-10-04T00:00:00", "descriptions": [{"lang": "en", "value": "Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe \"is NOT designed to run setuid-root.\" Therefore this identifier applies *only* to those configurations and installations under which pppoe is run setuid root despite the developer's warnings."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20041208 Re: MDKSA-2004:145 - Updated rp-pppoe packages fix vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=110253341209450&w=2"}, {"name": "11315", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/11315"}, {"name": "pppoe-file-overwrite(17576)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17576"}, {"name": "DSA-557", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2004/dsa-557"}, {"name": "FLSA:152794", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://www.fedoralegacy.org/updates/FC1/2005-11-14-FLSA_2005_152794__Updated_rp_pppoe_package_fixes_security_issue.html"}, {"name": "MDKSA-2004:145", "tags": ["vendor-advisory", "x_refsource_MANDRAKE"], "url": "http://marc.info/?l=bugtraq&m=110247119200510&w=2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0564", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe \"is NOT designed to run setuid-root.\" Therefore this identifier applies *only* to those configurations and installations under which pppoe is run setuid root despite the developer's warnings."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20041208 Re: MDKSA-2004:145 - Updated rp-pppoe packages fix vulnerability", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=110253341209450&w=2"}, {"name": "11315", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11315"}, {"name": "pppoe-file-overwrite(17576)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17576"}, {"name": "DSA-557", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-557"}, {"name": "FLSA:152794", "refsource": "FEDORA", "url": "http://www.fedoralegacy.org/updates/FC1/2005-11-14-FLSA_2005_152794__Updated_rp_pppoe_package_fixes_security_issue.html"}, {"name": "MDKSA-2004:145", "refsource": "MANDRAKE", "url": "http://marc.info/?l=bugtraq&m=110247119200510&w=2"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0564", "datePublished": "2004-11-19T05:00:00", "dateReserved": "2004-06-14T00:00:00", "dateUpdated": "2017-07-10T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:roaring_penguin:pppoe:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "8F1F5B1D-4264-4877-91D5-BCFF26D6F538", "vulnerable": true}, {"criteria": "cpe:2.3:a:roaring_penguin:pppoe:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "0C270453-511A-4924-8200-D847BC8AE748", "vulnerable": true}, {"criteria": "cpe:2.3:a:roaring_penguin:pppoe:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "40DFDDE1-5F26-4F1B-90E4-916BD22A7C0A", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe \"is NOT designed to run setuid-root.\" Therefore this identifier applies *only* to those configurations and installations under which pppoe is run setuid root despite the developer's warnings."}, {"lang": "es", "value": "Roaring Penguin pppoe, cuando se ejecuta con setuid root, no libera privilegios adecuadamente, lo que permite a usuarios locales sobreescribir ficheros arbitrarios."}], "id": "CVE-2004-0564", "lastModified": "2017-07-11T01:30:15.777", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2004-12-23T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=110247119200510&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=110253341209450&w=2"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.debian.org/security/2004/dsa-557"}, {"source": "cve@mitre.org", "url": "http://www.fedoralegacy.org/updates/FC1/2005-11-14-FLSA_2005_152794__Updated_rp_pppoe_package_fixes_security_issue.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/11315"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17576"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}