Lucene search

[email protected]CVE-2003-0476

HistoryAug 07, 2003 - 4:00 a.m.

CVE-2003-0476

2003-08-0704:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2003-0476

linux

execve

file descriptor

access control

nvd

6 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors.

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq2.4.0

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	2.4.0

References

marc.info/?l=bugtraq&m=105664924024009&w=2

www.debian.org/security/2004/dsa-358

www.debian.org/security/2004/dsa-423

www.mandriva.com/security/advisories?name=MDKSA-2003:074

www.redhat.com/support/errata/RHSA-2003-238.html

www.redhat.com/support/errata/RHSA-2003-368.html

www.redhat.com/support/errata/RHSA-2003-408.html

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A327

6 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2003-0476

nessus4 redhat2 cvelist1 ubuntucve1 suse1 securityvulns1 openvas4 debian3 osv2