mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
390 lines
14 KiB
JSON
390 lines
14 KiB
JSON
{
|
|
"id": "CVE-2003-0001",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2003-01-17T05:00:00.000",
|
|
"lastModified": "2024-11-20T23:43:42.547",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "M\u00faltiples controladores de dispositivo (device drivers) de Tarjetas de Interfaz de Red (Network Interface Card - NIC) Ethernet no rellenan las tramas con bytes nulos, lo que permite a atacantes remotos obtener informaci\u00f3n de paquetes anteriores o memoria del kernel usando paquetes malformados, como ha sido demostrado por Etherleak."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
|
"baseScore": 5.0,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE"
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-200"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "44308D13-D935-4FF8-AB52-F0E115ED1AD2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9C001822-FDF8-497C-AC2C-B59A00E9ACD2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B86C77AB-B8FF-4376-9B4E-C88417396F3D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9D34EFE5-22B7-4E8D-B5B2-2423C37CFFA7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8208AFC9-0EFC-4A90-AD5A-FD94F5542885"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4D4168AE-D19E-482E-8F2B-3E798B2D84E7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://marc.info/?l=bugtraq&m=104222046632243&w=2",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/7996",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.atstake.com/research/advisories/2003/a010603-1.txt",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.kb.cert.org/vuls/id/412115",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory",
|
|
"US Government Resource"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.osvdb.org/9962",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.redhat.com/support/errata/RHSA-2003-025.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.redhat.com/support/errata/RHSA-2003-088.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/305335/30/26420/threaded",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/307564/30/26270/threaded",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id/1031583",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id/1040185",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2665",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://marc.info/?l=bugtraq&m=104222046632243&w=2",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/7996",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.atstake.com/research/advisories/2003/a010603-1.txt",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.kb.cert.org/vuls/id/412115",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Third Party Advisory",
|
|
"US Government Resource"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.osvdb.org/9962",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.redhat.com/support/errata/RHSA-2003-025.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.redhat.com/support/errata/RHSA-2003-088.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/305335/30/26420/threaded",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/307564/30/26270/threaded",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id/1031583",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id/1040185",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2665",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |