CVE-2003-0194

2003-06-0904:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2003-0194

tcpdump

privilege escalation

nvd

information security

6.7 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

11.7%

JSON

tcpdump does not properly drop privileges to the pcap user when starting up.

CPENameOperatorVersion
redhat:tcpdumpredhat tcpdumpeq3.6.3-3
redhat:tcpdumpredhat tcpdumpeq3.7.2-1
redhat:tcpdumpredhat tcpdumpeq3.6.2-9
redhat:tcpdumpredhat tcpdumpeq3.6.2-12
redhat:tcpdumpredhat tcpdumpeq3.4-39
redhat:linuxredhat linuxeq7.2
redhat:linuxredhat linuxeq8.0
redhat:linuxredhat linuxeq7.3
redhat:linuxredhat linuxeq9.0
redhat:linuxredhat linuxeq7.1

CPE	Name	Operator	Version
redhat:tcpdump	redhat tcpdump	eq	3.6.3-3
redhat:tcpdump	redhat tcpdump	eq	3.7.2-1
redhat:tcpdump	redhat tcpdump	eq	3.6.2-9
redhat:tcpdump	redhat tcpdump	eq	3.6.2-12
redhat:tcpdump	redhat tcpdump	eq	3.4-39
redhat:linux	redhat linux	eq	7.2
redhat:linux	redhat linux	eq	8.0
redhat:linux	redhat linux	eq	7.3
redhat:linux	redhat linux	eq	9.0
redhat:linux	redhat linux	eq	7.1