Insufficient Permission Check in slip_down Function Allows Denial of Service

Insufficient Permission Check in slip_down Function Allows Denial of Service

CVE-2004-1295 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:N/A:P

The slip_down function in slip.c for the uml_net program in uml-utilities 20030903, when uml_net is installed setuid root, does not verify whether the calling user has sufficient permission to disable an interface, which allows local users to cause a denial of service (network service disabled).

Learn more about our Network Penetration Testing.