Lucene search

MitreCVE-2003-0670

HistoryAug 27, 2003 - 4:00 a.m.

CVE-2003-0670

2003-08-2704:00:00

mitre

web.nvd.nist.gov

sustworks

ipnetsentryx

ipnetmonitorx

cve-2003-0670

local users

network packets

sniffing

setuid

runtcpdump

tcpdump

runtcpflow

tcpflow

vulnerability

nvd

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

Percentile

5.1%

JSON

Sustworks IPNetSentryX and IPNetMonitorX allow local users to sniff network packets via the setuid helper applications (1) RunTCPDump, which calls tcpdump, and (2) RunTCPFlow, which calls tcpflow.

Affected configurations

Nvd

Node

sustainable_softworksipnetmonitorx

sustainable_softworksipnetsentryx

VendorProductVersionCPE
sustainable_softworksipnetmonitorx*cpe:2.3:a:sustainable_softworks:ipnetmonitorx:*:*:*:*:*:*:*:*
sustainable_softworksipnetsentryx*cpe:2.3:a:sustainable_softworks:ipnetsentryx:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sustainable_softworks	ipnetmonitorx	*	cpe:2.3:a:sustainable_softworks:ipnetmonitorx::::::::
sustainable_softworks	ipnetsentryx	*	cpe:2.3:a:sustainable_softworks:ipnetsentryx::::::::

References

www.atstake.com/research/advisories/2003/a080703-1.txt

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2003-0670