CVE-2004-0497

Linux kernel <2.x - Privilege Escalation

Title source: llm

Description

Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Marco Ivaldi · clocallinux

https://www.exploit-db.com/exploits/718

View Code ZIP pw:eip

References (7)

[Patch, Vendor Advisory] http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000852

[Patch, Vendor Advisory] http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066

[Patch, Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2004-354.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2004-360.html

[Vendor Advisory] http://www.novell.com/linux/security/advisories/2004_20_kernel.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/16599

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9867

Scores

EPSS 0.0031

EPSS Percentile 53.5%

Classification

Status draft

Affected Products (22)

mandrakesoft/mandrake_multi_network_firewall

conectiva/linux

gentoo/linux

linux/linux_kernel

mandrakesoft/mandrake_linux

mandrakesoft/mandrake_linux

mandrakesoft/mandrake_linux

mandrakesoft/mandrake_linux_corporate_server

redhat/enterprise_linux

redhat/enterprise_linux

redhat/enterprise_linux

redhat/enterprise_linux

redhat/enterprise_linux

redhat/enterprise_linux

suse/suse_linux

... and 7 more

Timeline

Published Dec 06, 2004

Tracked Since Feb 18, 2026