Vulnerability Details : CVE-2004-1076
Potential exploit
Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file.
Vulnerability category: Execute code
Products affected by CVE-2004-1076
- cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:1.2.1_pre0:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:1.0.7:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:1.2:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.8.6:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.8.7:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.9.5:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.9.6:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.9.9d:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.9.9e:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.5.4:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.6:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.8.8:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.8.9:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.9:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.9.7:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.9.8:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.9.9f:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.9.9g:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:1.2.4:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.8.1:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.8.2:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.9.3:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.9.4:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.9.9b:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.9.9c:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.9.9j:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:1.3:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.6.2:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.7:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.9.1:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.9.2:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.9.9:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.9.9a:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.9.9h:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:0.9.9i:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:1.2.5:*:*:*:*:*:*:*
- cpe:2.3:o:atari800:atari800:1.2_pre0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2004-1076
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 8 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2004-1076
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
References for CVE-2004-1076
-
http://cvs.sourceforge.net/viewcvs.py/atari800/atari800/DOC/ChangeLog?view=markup
Atari800 download | SourceForge.net
-
http://marc.info/?l=bugtraq&m=110142899319841&w=2
'Atari800 - local root.' - MARC
-
http://www.debian.org/security/2004/dsa-609
[SECURITY] [DSA 609-1] New atari800 packages fix local root exploit
-
http://marc.info/?l=bugtraq&m=110149441815270&w=2
'Re: Atari800 - local root. (fwd)' - MARC
-
http://www.securityfocus.com/bid/11756
Exploit;Patch;Vendor Advisory
Jump to