Published: 07/08/2003 Updated: 03/05/2018

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 2.4.0

A number of vulnerabilities have been discovered in the Linux kernel CAN-2003-0461: /proc/tty/driver/serial in Linux 24x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords This bug has been fixed by restricting access to ...

The IA-64 maintainers fixed several security related bugs in the Linux kernel 2417 used for the IA-64 architecture, mostly by backporting fixes from 2418 The corrections are listed below with the identification from the Common Vulnerabilities and Exposures (CVE) project: CAN-2003-0001: Multiple ethernet network interface card (NIC) device ...

NVD-CWE-Other http://www.redhat.com/support/errata/RHSA-2003-368.html http://www.debian.org/security/2004/dsa-423 http://www.redhat.com/support/errata/RHSA-2003-238.html http://www.redhat.com/support/errata/RHSA-2003-408.html http://www.debian.org/security/2004/dsa-358 http://www.mandriva.com/security/advisories?name=MDKSA-2003:074 http://marc.info/?l=bugtraq&m=105664924024009&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A327 https://nvd.nist.gov https://www.debian.org/security/./dsa-358

CVE-2003-0476

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect