Lucene search

MitreCVE-2003-0464

HistoryAug 27, 2003 - 4:00 a.m.

CVE-2003-0464

2003-08-2704:00:00

mitre

web.nvd.nist.gov

linux

kernel

2.4

rpc

vulnerability

local users

udp ports

privileged services

nfsd

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.3

Confidence

Low

EPSS

Percentile

5.1%

JSON

The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow local users to bind to UDP ports that are used by privileged services such as nfsd.

Affected configurations

Nvd

Node

redhatlinuxMatch7.1

redhatlinuxMatch7.2

redhatlinuxMatch7.3

redhatlinuxMatch8.0

redhatlinuxMatch9.0

VendorProductVersionCPE
redhatlinux7.1cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*
redhatlinux7.2cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*
redhatlinux7.3cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*
redhatlinux8.0cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*
redhatlinux9.0cpe:2.3:o:redhat:linux:9.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
redhat	linux	7.1	cpe:2.3:o:redhat:linux:7.1:::::::*
redhat	linux	7.2	cpe:2.3:o:redhat:linux:7.2:::::::*
redhat	linux	7.3	cpe:2.3:o:redhat:linux:7.3:::::::*
redhat	linux	8.0	cpe:2.3:o:redhat:linux:8.0:::::::*
redhat	linux	9.0	cpe:2.3:o:redhat:linux:9.0:::::::*

References

www.redhat.com/support/errata/RHSA-2003-238.html

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A311

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.3

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2003-0464