New Search

SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only which could allow local users to conduct unauthorized write activities to modify the firmware of associated SCSI devices.

oval:org.mitre.oval:def:9369

SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only which could allow local users to conduct unauthorized write activities to modify the firmware of associated SCSI devices.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 4
  • Red Hat Enterprise Linux 4
  • Oracle Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2004-1190
Product(s):