Lucene search

[email protected]CVE-2003-0550

HistoryAug 27, 2003 - 4:00 a.m.

CVE-2003-0550

2003-08-2704:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

stp protocol

linux 2.4.x

security

bridge topology

cve-2003-0550

nvd

6.2 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

64.4%

JSON

The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology.

CPENameOperatorVersion
redhat:linuxredhat linuxeq2.4.2

CPE	Name	Operator	Version
redhat:linux	redhat linux	eq	2.4.2

References

www.debian.org/security/2004/dsa-358

www.debian.org/security/2004/dsa-423

www.redhat.com/support/errata/RHSA-2003-238.html

www.redhat.com/support/errata/RHSA-2003-239.html

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A380

6.2 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

64.4%

JSON

Related for CVE-2003-0550

nessus3 redhat2 securityvulns1 debian3 openvas4 osv2