CVSS: 5.0EPSS: 16%CPEs: 1EXPL: 0CVE-2003-0244
https://notcve.org/view.php?id=CVE-2003-0244
The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions. La implementación de la caché de ruta en Linux 2.4 y el módulo Netfilter IP conntrack permite que atacantes remotos provoquen una denegación de servicio (agotamiento de CPU) mediante paquetes con una dirección fuente alterada (lo que causa un elevado número de colisiones de tabla hash relacionadas con la cadena PREROUTING). • http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0073.html http://marc.info/?l=bugtraq&m=105301461726555&w=2 http://marc.info/?l=bugtraq&m=105595901923063&w=2 http://marc.info/?l=linux-kernel&m=104956079213417 http://www.debian.org/security/2003/dsa-311 http://www.debian.org/security/2003/dsa-312 http://www.debian.org/security/2003/dsa-332 http://www.debian.org/security/2003/dsa-336 http://www.debian.org/security/2004/dsa-442 http://www.enyo& •
CVSS: 7.2EPSS: 0%CPEs: 47EXPL: 4CVE-2003-0127 – Linux Kernel 2.2.x/2.4.x (RedHat) - 'ptrace/kmod' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2003-0127
The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel. • https://www.exploit-db.com/exploits/3 https://www.exploit-db.com/exploits/22362 https://www.exploit-db.com/exploits/22363 https://www.exploit-db.com/exploits/12 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-020.0.txt http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0134.html http://marc.info/?l=bugtraq&m=105301461726555&w=2 http://rhn.redhat.com/errata/RHSA-2003-088.html http://rhn.redhat.com/errata/RHSA-2003-098.html http://security.gent •
CVSS: 3.6EPSS: 0%CPEs: 10EXPL: 0CVE-2003-0018
https://notcve.org/view.php?id=CVE-2003-0018
Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows local attackers with write privileges to read portions of previously deleted files, or cause file system corruption. Linux kernel 2.4.10 y versiones posteriores incluyendo 2.4.18, no maneja adecuadamente la característica O_REDIRECT, lo que permite a atacantes locales con privilegios de escritura leer porciones de ficheros previamente borrados, o producir corrupción en el sistema de ficheros. • http://linux.bkbits.net:8080/linux-2.4/cset%403e2f193drGJDBg9SG6JwaDQwCBnAMQ http://www.debian.org/security/2003/dsa-358 http://www.debian.org/security/2004/dsa-423 http://www.iss.net/security_center/static/11249.php http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:014 http://www.redhat.com/support/errata/RHSA-2003-025.html http://www.securityfocus.com/bid/6763 •
CVSS: 5.3EPSS: 2%CPEs: 37EXPL: 3CVE-2003-0001 – Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure
https://notcve.org/view.php?id=CVE-2003-0001
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak. Múltiples controladores de dispositivo (device drivers) de Tarjetas de Interfaz de Red (Network Interface Card - NIC) Ethernet no rellenan las tramas con bytes nulos, lo que permite a atacantes remotos obtener información de paquetes anteriores o memoria del kernel usando paquetes malformados, como ha sido demostrado por Etherleak. • https://www.exploit-db.com/exploits/22131 https://www.exploit-db.com/exploits/26076 https://www.exploit-db.com/exploits/3555 http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html http://marc.info/?l=bugtraq&m=104222046632243&w=2 http://secunia.com/advisories/7996 http://www.atstake.com/research/advisories/2003/a010603-1.txt http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf http://www.kb.cert.org/vuls/id/412115 http://www.ora • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.1EPSS: 0%CPEs: 49EXPL: 0CVE-2002-1976
https://notcve.org/view.php?id=CVE-2002-1976
ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mode if it was put in promiscuous mode using PACKET_MR_PROMISC, which could allow attackers to sniff the network without detection, as demonstrated using libpcap. • http://archives.neohapsis.com/archives/bugtraq/2002-07/0279.html http://online.securityfocus.com/archive/1/284142 http://online.securityfocus.com/archive/1/284257 http://www.iss.net/security_center/static/9676.php http://www.securityfocus.com/bid/5304 •