Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
2.1
CVSSv2

CVE-2003-0501

Published: 07/08/2003 Updated: 03/05/2018
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
VMScore: 215
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Linux

Vulnerability Summary

The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries.

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel 2.6.20.1

Vendor Advisories

Debian Security Advisories: DSA-358-4 linux-kernel-2.4.18 -- several vulnerabilities
A number of vulnerabilities have been discovered in the Linux kernel CAN-2003-0461: /proc/tty/driver/serial in Linux 24x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords This bug has been fixed by restricting access to ...
Debian Security Advisories: DSA-423-1 linux-kernel-2.4.17-ia64 -- several vulnerabilities
The IA-64 maintainers fixed several security related bugs in the Linux kernel 2417 used for the IA-64 architecture, mostly by backporting fixes from 2418 The corrections are listed below with the identification from the Common Vulnerabilities and Exposures (CVE) project: CAN-2003-0001: Multiple ethernet network interface card (NIC) device ...

Exploits

Exploit DB: Linux Kernel 2.2.x/2.4.x - '/proc' Filesystem Information Disclosure
/* source: wwwsecurityfocuscom/bid/8002/info A potential information disclosure vulnerability has been reported for the Linux /proc filesystem, specifically when invoking setuid applications As a result, an unprivileged user may be able to read the contents of a setuid application's environment data This could potentially, although unl ...

References

NVD-CWE-Otherhttp://www.redhat.com/support/errata/RHSA-2003-198.htmlhttp://www.debian.org/security/2004/dsa-423http://www.redhat.com/support/errata/RHSA-2003-238.htmlhttp://www.debian.org/security/2004/dsa-358http://www.redhat.com/support/errata/RHSA-2003-239.htmlhttp://marc.info/?l=bugtraq&m=105621758104242https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A328https://nvd.nist.govhttps://www.debian.org/security/./dsa-358https://www.exploit-db.com/exploits/22813/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-3400deserializationCVE-2024-21788CVE-2023-42433CVE-2024-21841CVE-2024-22095local file inclusionmemory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook