Lucene search
PRIOn knowledge basePRION:CVE-2021-3031HistoryJan 13, 2021 - 6:15 p.m.
Information disclosure
2021-01-1318:15:00
PRIOn knowledge base
www.prio-n.com
9
Padding bytes in Ethernet packets on PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series firewalls are not cleared before the data frame is created. This leaks a small amount of random information from the firewall memory into the Ethernet packets. An attacker on the same Ethernet subnet as the PAN-OS firewall is able to collect potentially sensitive information from these packets. This issue is also known as Etherleak and is detected by security scanners as CVE-2003-0001. This issue impacts: PAN-OS 8.1 version earlier than PAN-OS 8.1.18; PAN-OS 9.0 versions earlier than PAN-OS 9.0.12; PAN-OS 9.1 versions earlier than PAN-OS 9.1.5.
Related
cvelist
cvelist
CVE-2021-3031 PAN-OS: Information exposure in Ethernet data frame construction (Etherleak)
2021-01-13 00:00:00
CVE-2003-0001
2003-01-08 05:00:00
cve
cve
paloalto
paloalto
PAN-OS: Information exposure in Ethernet data frame construction (Etherleak)
2021-01-13 17:00:00
nvd
nvd
exploitpack
exploitpack
Ethernet Device Drivers Frame Padding - Etherleak Infomation Leakage
2007-03-23 00:00:00
Cisco ASA 8.4.4.6 8.2.5.32 - Ethernet Information Leak
2013-06-10 00:00:00
ubuntucve
ubuntucve
CVE-2003-0001
2003-01-17 00:00:00
nessus
nessus
HP-UX PHNE_28636 : HPSBUX0305-261 SSRT3451 Potential Security Vulnerability in HP-UX network drivers (Data Leakage) (rev. 01)
2005-03-18 00:00:00
HP-UX PHNE_28143 : HPSBUX0305-261 SSRT3451 Potential Security Vulnerability in HP-UX network drivers (Data Leakage) (rev. 01)
2005-02-16 00:00:00
Solaris 10 (x86) : 125907-02
2018-03-12 00:00:00
securityvulns
securityvulns
Etherleak: Ethernet frame padding information leakage (A010603-1)
2003-01-08 00:00:00
[Full-Disclosure] IRIX Update Some Network Drivers May Leak Data
2004-04-03 00:00:00
Ethernet frame padding information leakage
2005-10-13 00:00:00
seebug
seebug
cert
cert
Network device drivers reuse old frame buffer data to pad packets
2003-01-06 00:00:00
ptrace contains vulnerability allowing for local root compromise
2004-04-16 00:00:00
packetstorm
packetstorm
Cisco ASA Ethernet Information Leak
2013-06-10 00:00:00
etherleak.txt
2007-03-24 00:00:00
exploitdb
exploitdb
openvas
openvas
ICMP 'Etherleak' Information Disclosure
2021-08-23 00:00:00
Juniper Networks Junos OS QFX and EX Series Information Disclosure Vulnerability (JSA10773, Etherleak)
2017-01-12 00:00:00
Debian Security Advisory DSA 312-1 (kernel-patch-2.4.18-powerpc)
2008-01-17 00:00:00
prion
prion
Sql injection
2013-07-11 14:55:00
Design/Logic Flaw
2018-01-10 22:29:00
Code injection
2022-07-20 15:15:00
debian
debian
[SECURITY] [DSA-336-2] Factual correction for DSA-336-1
2003-06-30 21:32:58
[SECURITY] [DSA-332-1] New Linux 2.4.17 source code and MIPS kernel images fix several vulnerabilities
2003-06-29 01:44:01
[SECURITY] [DSA-311-1] New kernel packages fix several vulnerabilities
2003-06-09 01:26:02
osv
osv
linux-kernel-2.4.18 - several vulnerabilities
2003-06-08 00:00:00
kernel-patch-2.4.18-powerpc - several vulnerabilities
2003-06-09 00:00:00
linux-kernel-2.4.17 - several vulnerabilities
2003-06-27 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2015
2015-03-10 00:00:00