Lucene search

[email protected]NVD:CVE-2003-0546

HistoryAug 27, 2003 - 4:00 a.m.

CVE-2003-0546

2003-08-2704:00:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.009

Percentile

82.5%

JSON

up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised.

Affected configurations

Nvd

Node

redhatup2dateMatch3.0.7-1i386

redhatup2dateMatch3.0.7-1i386_gnome

redhatup2dateMatch3.1.23-1i386

redhatup2dateMatch3.1.23-1i386_gnome

VendorProductVersionCPE
redhatup2date3.0.7-1cpe:2.3:a:redhat:up2date:3.0.7-1:*:i386:*:*:*:*:*
redhatup2date3.0.7-1cpe:2.3:a:redhat:up2date:3.0.7-1:*:i386_gnome:*:*:*:*:*
redhatup2date3.1.23-1cpe:2.3:a:redhat:up2date:3.1.23-1:*:i386:*:*:*:*:*
redhatup2date3.1.23-1cpe:2.3:a:redhat:up2date:3.1.23-1:*:i386_gnome:*:*:*:*:*

Vendor	Product	Version	CPE
redhat	up2date	3.0.7-1	cpe:2.3:a:redhat:up2date:3.0.7-1::i386:::::
redhat	up2date	3.0.7-1	cpe:2.3:a:redhat:up2date:3.0.7-1::i386_gnome:::::
redhat	up2date	3.1.23-1	cpe:2.3:a:redhat:up2date:3.1.23-1::i386:::::
redhat	up2date	3.1.23-1	cpe:2.3:a:redhat:up2date:3.1.23-1::i386_gnome:::::

References

marc.info/?l=bugtraq&m=106036724315539&w=2

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A631

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.009

Percentile

82.5%

JSON

Related for NVD:CVE-2003-0546

cvelist1 cve1