CVE-2004-0834
First published: Wed Oct 20 2004(Updated: )
Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mandrakesoft Mandrake Multi Network Firewall | =8.2 | |
| Thomson SpeedTouch USB Driver | =1.0 | |
| Thomson SpeedTouch USB Driver | =1.1 | |
| Thomson SpeedTouch USB Driver | =1.2 | |
| Thomson SpeedTouch USB Driver | =1.2_beta1 | |
| Thomson SpeedTouch USB Driver | =1.2_beta2 | |
| Thomson SpeedTouch USB Driver | =1.2_beta3 | |
| Thomson SpeedTouch USB Driver | =1.3 | |
| Gentoo Linux | =1.4 | |
| Mandrake Linux | =8.2 | |
| Mandrake Linux | =8.2 | |
| Mandrake Linux | =9.0 | |
| Mandrake Linux | =9.1 | |
| Mandrake Linux | =9.1 | |
| Mandrake Linux | =9.2 | |
| Mandrake Linux | =9.2 | |
| Mandrake Linux | =10.0 | |
| Mandrake Linux | =10.0 | |
| Mandrake Linux | =10.1 | |
| Mandrake Linux | =10.1 | |
| Mandriva Linux Corporate Server | =2.1 | |
| Mandriva Linux Corporate Server | =2.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://speedtouch.sourceforge.net/index.php?/news.en.html
- http://www.mail-archive.com/speedtouch@ml.free.fr/msg06688.html
- http://sourceforge.net/project/showfiles.php?group_id=32758&package_id=28264&release_id=271734
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17792
- http://www.mail-archive.com/speedtouch%40ml.free.fr/msg06688.html
Frequently Asked Questions
What is the severity of CVE-2004-0834?
CVE-2004-0834 is classified as a critical vulnerability due to its potential to allow local users to execute arbitrary code.
How do I fix CVE-2004-0834?
To fix CVE-2004-0834, you should upgrade the Speedtouch USB driver to version 1.3 or later.
Which software is affected by CVE-2004-0834?
CVE-2004-0834 affects the Speedtouch USB driver versions 1.0 to 1.2 and specific Mandrake Linux distributions.
Who is vulnerable to CVE-2004-0834?
Local users with access to systems running the vulnerable versions of the Speedtouch USB driver are at risk due to CVE-2004-0834.
What actions can be taken to mitigate CVE-2004-0834?
In addition to upgrading the driver, ensure that system access is restricted to trusted users to mitigate CVE-2004-0834.
- agent/author
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-historical
- collector/nvd-index
- vendor/mandrakesoft
- canonical/mandrakesoft mandrake multi network firewall
- version/mandrakesoft mandrake multi network firewall/8.2
- vendor/speedtouch
- canonical/thomson speedtouch usb driver
- version/thomson speedtouch usb driver/1.0
- version/thomson speedtouch usb driver/1.1
- version/thomson speedtouch usb driver/1.2
- version/thomson speedtouch usb driver/1.2_beta1
- version/thomson speedtouch usb driver/1.2_beta2
- version/thomson speedtouch usb driver/1.2_beta3
- version/thomson speedtouch usb driver/1.3
- vendor/gentoo
- canonical/gentoo linux
- version/gentoo linux/1.4
- canonical/mandrake linux
- version/mandrake linux/8.2
- version/mandrake linux/9.0
- version/mandrake linux/9.1
- version/mandrake linux/9.2
- version/mandrake linux/10.0
- version/mandrake linux/10.1
- canonical/mandriva linux corporate server
- version/mandriva linux corporate server/2.1