CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2003-1161
https://notcve.org/view.php?id=CVE-2003-1161
31 Dec 2003 — exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, was modified to contain a backdoor, which could allow local users to elevate their privileges by passing __WCLONE|__WALL to the sys_wait4 function. • http://www.securityfocus.com/bid/8987 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0956
https://notcve.org/view.php?id=CVE-2003-0956
31 Dec 2003 — Multiple race conditions in the handling of O_DIRECT in Linux kernel prior to version 2.4.22 could cause stale data to be returned from the disk when handling sparse files, or cause incorrect data to be returned when a file is truncated as it is being read, which might allow local users to obtain sensitive data that was originally owned by other users, a different vulnerability than CVE-2003-0018. • http://linux.bkbits.net:8080/linux-2.4/cset%403ef33d95ym_22QH2xwhDMt264M55Fg •
CVSS: 10.0EPSS: 0%CPEs: 48EXPL: 0CVE-2003-0959
https://notcve.org/view.php?id=CVE-2003-0959
31 Dec 2003 — Multiple integer overflows in the 32bit emulation for AMD64 architectures in Linux 2.4 kernel before 2.4.21 allows attackers to cause a denial of service or gain root privileges via unspecified vectors that trigger copy_from_user function calls with improper length arguments. • http://linux.bkbits.net:8080/linux-2.4/cset%403ed382f7UfJ9Q2LKCJq1Tc5B7-EC5A •
CVSS: 9.1EPSS: 0%CPEs: 53EXPL: 0CVE-2003-0984
https://notcve.org/view.php?id=CVE-2003-0984
23 Dec 2003 — Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space. Las rutinas de reloj de tiempo real (RTC - real time clock) en Linux kernel 2.4.23 y anteriores no inicializan adecuadamente sus estructuras, lo que podría filtrar datos del kernel en espacio de usuario. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000799 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2003-0961 – Linux Kernel 2.4.22 - 'do_brk()' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2003-0961
02 Dec 2003 — Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and earlier allows local users to gain root privileges. Un "error en comprobaciones de límites" en la función do_brk del kernel de Linux 2.4.22 y anteriores permite a usuarios locales ganar privilegios de root. • https://www.exploit-db.com/exploits/131 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2003-0467
https://notcve.org/view.php?id=CVE-2003-0467
05 Aug 2003 — Unknown vulnerability in ip_nat_sack_adjust of Netfilter in Linux kernels 2.4.20, and some 2.5.x, when CONFIG_IP_NF_NAT_FTP or CONFIG_IP_NF_NAT_IRC is enabled, or the ip_nat_ftp or ip_nat_irc modules are loaded, allows remote attackers to cause a denial of service (crash) in systems using NAT, possibly due to an integer signedness error. Vulnerabilidad desconocida en ip_nat_sack_adjust de Netfilter en los kernels de Linux 2.4.20 y algunos 2.5.x,cuando CONFIG_IP_NF_NAT_FTP o CONFIG_IP_NF_NAT_IRC están activa... • http://marc.info/?l=bugtraq&m=105985703724758&w=2 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0187
https://notcve.org/view.php?id=CVE-2003-0187
05 Aug 2003 — The connection tracking core of Netfilter for Linux 2.4.20, with CONFIG_IP_NF_CONNTRACK enabled or the ip_conntrack module loaded, allows remote attackers to cause a denial of service (resource consumption) due to an inconsistency with Linux 2.4.20's support of linked lists, which causes Netfilter to fail to identify connections with an UNCONFIRMED status and use large timeouts. El núcleo de seguimiento de conexiones de Netfilter para Linux 2.4.20, con CONFIG_IP_NF_CONNTRACK activado o con el módulo ip_conn... • http://marc.info/?l=bugtraq&m=105986028426824&w=2 •
CVSS: 6.2EPSS: 4%CPEs: 1EXPL: 1CVE-2003-0619 – Linux Kernel 2.4.20 - 'decode_fh' Denial of Service
https://notcve.org/view.php?id=CVE-2003-0619
01 Aug 2003 — Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call. Error de falta de signo en enteros en la función decode_fh de nfs3xdr.c en el kernel de Linux anteriores a 2 .4.21 permite a atacantes remotos causar una denegación de servicio (pánico del kernel) mediante un valor de tamaño negativo en los datos XDR de una llamada de procedimien... • https://www.exploit-db.com/exploits/68 •
CVSS: 4.7EPSS: 0%CPEs: 27EXPL: 1CVE-2003-0462 – Linux Kernel 2.4 - SUID 'execve()' System Call Race Condition Executable File Read
https://notcve.org/view.php?id=CVE-2003-0462
25 Jul 2003 — A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash). Una condición de carrera en la manera que los punteros env_start y env_end son inicializados en la llamada al sistema execve y usada en fs/proc/base.c en Linux 2.4 permite a usuarios locales causar una denegación de servicio (caída). • https://www.exploit-db.com/exploits/22840 •
CVSS: 7.5EPSS: 0%CPEs: 39EXPL: 0CVE-2003-0643
https://notcve.org/view.php?id=CVE-2003-0643
25 Jul 2003 — Integer signedness error in the Linux Socket Filter implementation (filter.c) in Linux 2.4.3-pre3 to 2.4.22-pre10 allows attackers to cause a denial of service (crash). • http://ftp.belnet.be/linux/gentoo-portage/sys-kernel/gentoo-sources/files/gentoo-sources-2.4.CAN-2003-0643.patch •