{ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2004-2408", "STATE" : "PUBLIC" }, "affects" : { "vendor" : { "vendor_data" : [ { "product" : { "product_data" : [ { "product_name" : "n/a", "version" : { "version_data" : [ { "version_value" : "n/a" } ] } } ] }, "vendor_name" : "n/a" } ] } }, "data_format" : "MITRE", "data_type" : "CVE", "data_version" : "4.0", "description" : { "description_data" : [ { "lang" : "eng", "value" : "Linux VServer 1.27 and earlier, 1.3.9 and earlier, and 1.9.1 and earlier shares /proc permissions across all virtual and host servers, which allows local users with the ability to set permissions in /proc to obtain system information or cause a denial of service on other virtual servers or the host server." } ] }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "eng", "value" : "n/a" } ] } ] }, "references" : { "reference_data" : [ { "name" : "20040703 Linux Virtual Server/Secure Context procfs shared permissions flaw", "refsource" : "BUGTRAQ", "url" : "http://archives.neohapsis.com/archives/bugtraq/2004-07/0040.html" }, { "name" : "http://linux-vserver.org/ChangeLog", "refsource" : "MISC", "url" : "http://linux-vserver.org/ChangeLog" }, { "name" : "10660", "refsource" : "BID", "url" : "http://www.securityfocus.com/bid/10660" }, { "name" : "7480", "refsource" : "OSVDB", "url" : "http://www.osvdb.org/7480" }, { "name" : "1010643", "refsource" : "SECTRACK", "url" : "http://securitytracker.com/id?1010643" }, { "name" : "12021", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/12021" }, { "name" : "linux-vserver-modify-permissions(16626)", "refsource" : "XF", "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16626" } ] } }