Published: 25/07/2003 Updated: 10/09/2008

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Integer signedness error in the Linux Socket Filter implementation (filter.c) in Linux 2.4.3-pre3 to 2.4.22-pre10 allows malicious users to cause a denial of service (crash).

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 2.4.11
linux linux kernel 2.4.12
linux linux kernel 2.4.13
linux linux kernel 2.4.14
linux linux kernel 2.4.19
linux linux kernel 2.4.5
linux linux kernel 2.4.6
linux linux kernel 2.4.7
linux linux kernel 2.4.8
linux linux kernel 2.4.9
linux linux kernel 2.4.18
linux linux kernel 2.4.20
linux linux kernel 2.4.21
linux linux kernel 2.4.10
linux linux kernel 2.4.15
linux linux kernel 2.4.17
linux linux kernel 2.4.2
linux linux kernel 2.4.3
linux linux kernel 2.4.16
linux linux kernel 2.4.22
linux linux kernel 2.4.4

A number of vulnerabilities have been discovered in the Linux kernel CAN-2003-0461: /proc/tty/driver/serial in Linux 24x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords This bug has been fixed by restricting access to ...

NVD-CWE-Other http://www.ultramonkey.org/bugs/cve/CAN-2003-0643.shtml http://www.ultramonkey.org/bugs/cve-patch/CAN-2003-0643.patch http://gentoo.kems.net/gentoo-x86-portage/sys-kernel/gentoo-sources/ChangeLog http://mirror.clarkson.edu/pub/distributions/gentoo-portage/sys-kernel/wolk-sources/ChangeLog http://ftp.belnet.be/linux/gentoo-portage/sys-kernel/gentoo-sources/files/gentoo-sources-2.4.CAN-2003-0643.patch http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf http://secunia.com/advisories/23265 https://nvd.nist.gov https://www.debian.org/security/./dsa-358

CVE-2003-0643

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect