CVE-2005-0504 - Quincuncial Proboscis Monkey
Description
Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x 2.4.x and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value.
Reference
http://www.securityfocus.com/bid/12195 http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030660.html http://securitytracker.com/id?1013273 http://www.redhat.com/support/errata/RHSA-2005-529.html http://www.redhat.com/support/errata/RHSA-2005-551.html http://www.redhat.com/support/errata/RHSA-2005-663.html http://secunia.com/advisories/17002 http://www.debian.org/security/2006/dsa-1070 http://www.debian.org/security/2006/dsa-1067 http://www.debian.org/security/2006/dsa-1069 http://secunia.com/advisories/20163 http://secunia.com/advisories/20202 http://www.debian.org/security/2006/dsa-1082 http://secunia.com/advisories/20338 http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22 http://www.ubuntu.com/usn/usn-508-1 http://secunia.com/advisories/26651 http://www.redhat.com/support/errata/RHSA-2008-0237.html http://secunia.com/advisories/30112 http://www.vupen.com/english/advisories/2005/1878 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9770