Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2003-0489HistoryOct 03, 2022 - 4:15 p.m.
CVE-2003-0489
2022-10-0316:15:43
Debian Security Bug Tracker
security-tracker.debian.org
7
cve-2003-0489
tcptraceroute
privilege escalation
file descriptor
unix
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.1%
tcptraceroute 1.4 and earlier does not fully drop privileges after obtaining a file descriptor for capturing packets, which may allow local users to gain access to the descriptor via a separate vulnerability in tcptraceroute.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | tcptraceroute | < 1.4-4 | tcptraceroute_1.4-4_all.deb |
| Debian | 11 | all | tcptraceroute | < 1.4-4 | tcptraceroute_1.4-4_all.deb |
| Debian | 10 | all | tcptraceroute | < 1.4-4 | tcptraceroute_1.4-4_all.deb |
| Debian | 999 | all | tcptraceroute | < 1.4-4 | tcptraceroute_1.4-4_all.deb |
| Debian | 13 | all | tcptraceroute | < 1.4-4 | tcptraceroute_1.4-4_all.deb |
Related
nessus
nessus
Debian DSA-330-1 : tcptraceroute - failure to drop root privileges
2004-09-29 00:00:00
openvas
openvas
Debian Security Advisory DSA 330-1 (tcptraceroute)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-330)
2008-01-17 00:00:00
nvd
nvd
CVE-2003-0489
2003-08-07 04:00:00
cvelist
cvelist
CVE-2003-0489
2022-10-03 16:15:43
osv
osv
tcptraceroute - failure to drop root privileges
2003-06-23 00:00:00
cve
cve
CVE-2003-0489
2022-10-03 16:15:43
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.1%
Related for DEBIANCVE:CVE-2003-0489