var-200308-0094
Vulnerability from variot

A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash). ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. Therefore, it cannot be read originally setuid It is possible to create an executable file with a bit assigned as a new executable file by changing the owner. As a result, local attackers who exploit this issue cannot read it setuid It is possible to read an executable file with a bit attached. At this time, it has been reported that this issue could potentially be used to execute arbitrary code with elevated privileges.Please refer to the “Overview” for the impact of this vulnerability. The problem lies in the atomicity of placing a target executables file descriptor within the current process descriptor and executing the file. Linux is an open source operating system. The execve() function has the following code (fs/binfmt_elf.c): static int load_elf_binary(struct linux_binprm * bprm, struct pt_regs * regs) { struct file interpreter = NULL; / to shut gcc up / [...] retval = kernel_read(bprm->file, elf_ex.e_phoff, (char ) elf_phdata, size); if (retval < 0) goto out_free_ph; retval = get_unused_fd(); if (retval < 0) goto out_free_ph; get_file(bprm- >file); fd_install(elf_exec_fileno = retval, bprm->file); When executing a new binary program, put the open executable file descriptor into the file table of the current process (current execve() caller), and execute . This allows an attacker to read the contents of the suid program (even if the attacker does not have permission to read)

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200308-0094",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "linux",
        "version": "2.4.4"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "linux",
        "version": "2.4.3"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "linux",
        "version": "2.4.2"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "linux",
        "version": "2.4.1"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "linux",
        "version": "2.4.0"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "linux",
        "version": "2.4.21"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "linux",
        "version": "2.4.20"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "linux",
        "version": "2.4.19"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "linux",
        "version": "2.4.18"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "linux",
        "version": "2.4.17"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "linux",
        "version": "2.4.16"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "linux",
        "version": "2.4.15"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "linux",
        "version": "2.4.14"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "linux",
        "version": "2.4.13"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "linux",
        "version": "2.4.12"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "linux",
        "version": "2.4.11"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "linux",
        "version": "2.4.10"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "linux",
        "version": "2.4.9"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "linux",
        "version": "2.4.8"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "linux",
        "version": "2.4.7"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "linux",
        "version": "2.4.6"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "linux",
        "version": "2.4.5"
      },
      {
        "model": "mandrake linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mandrakesoft",
        "version": "8.2"
      },
      {
        "model": "mandrake linux corporate server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mandrakesoft",
        "version": "2.1"
      },
      {
        "model": "mandrake multi network firewall",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mandrakesoft",
        "version": "8.2"
      },
      {
        "model": "mandrake linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mandrakesoft",
        "version": "9.0"
      },
      {
        "model": "cobalt raq550",
        "scope": null,
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": null
      },
      {
        "model": "turbolinux server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "turbo linux",
        "version": "7"
      },
      {
        "model": "turbolinux server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "turbo linux",
        "version": "8"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "7.1"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "7.2"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "7.3"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "8.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "9"
      },
      {
        "model": "linux advanced work station",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "2.1"
      },
      {
        "model": "kernel-utils-2.4-8.29.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-utils-2.4-8.13.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-utils-2.4-7.4.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-uml-2.4.18-14.i686.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-source-2.4.7-10.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-source-2.4.20-8.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-source-2.4.2-2.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-source-2.4.18-3.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-source-2.4.18-14.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-smp-2.4.7-10.i686.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-smp-2.4.7-10.i586.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-smp-2.4.7-10.athlon.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-smp-2.4.20-8.i686.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-smp-2.4.20-8.athlon.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-smp-2.4.2-2.i686.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-smp-2.4.2-2.i586.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-smp-2.4.18-3.i686.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-smp-2.4.18-3.i586.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-smp-2.4.18-3.athlon.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-smp-2.4.18-14.i686.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-smp-2.4.18-14.athlon.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-headers-2.4.7-10.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-headers-2.4.2-2.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-enterprise-2.4.2-2.i686.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-doc-2.4.7-10.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-doc-2.4.20-8.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-doc-2.4.2-2.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-doc-2.4.18-3.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-doc-2.4.18-14.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-debug-2.4.18-3.i686.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-debug-2.4.18-14.i686.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-boot-2.4.7-10.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-boot-2.4.20-8.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-boot-2.4.2-2.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-boot-2.4.18-3.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-boot-2.4.18-14.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-bigmem-2.4.20-8.i686.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-bigmem-2.4.18-3.i686.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-bigmem-2.4.18-14.i686.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-2.4.7-10.i686.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-2.4.7-10.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-2.4.7-10.athlon.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-2.4.20-8.i686.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-2.4.20-8.i586.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-2.4.20-8.athlon.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-2.4.2-2.i686.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-2.4.2-2.i586.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-2.4.2-2.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-2.4.18-3.i686.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-2.4.18-3.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-2.4.18-3.athlon.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-2.4.18-14.i686.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-2.4.18-14.i586.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "kernel-2.4.18-14.athlon.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "enterprise linux ws ia64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "2.1"
      },
      {
        "model": "enterprise linux ws",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "2.1"
      },
      {
        "model": "enterprise linux es ia64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "2.1"
      },
      {
        "model": "enterprise linux es",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "2.1"
      },
      {
        "model": "hat enterprise linux as ia64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "red",
        "version": "2.1"
      },
      {
        "model": "hat enterprise linux as",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "red",
        "version": "2.1"
      },
      {
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "9.0"
      },
      {
        "model": "linux mandrake ppc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "8.2"
      },
      {
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "8.2"
      },
      {
        "model": "multi network firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "2.0"
      },
      {
        "model": "corporate server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "2.1"
      },
      {
        "model": "kernel",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "linux",
        "version": "2.4"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "8042"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2003-000197"
      },
      {
        "db": "NVD",
        "id": "CVE-2003-0462"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200308-176"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:ppc:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2003-0462"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Paul Starzetz\u203b paul@starzetz.de",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200308-176"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2003-0462",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 1.2,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 1.9,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "High",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 1.2,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2003-0462",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 1.2,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 1.9,
            "id": "VHN-7290",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:H/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2003-0462",
            "trust": 1.8,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200308-176",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "VULHUB",
            "id": "VHN-7290",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-7290"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2003-000197"
      },
      {
        "db": "NVD",
        "id": "CVE-2003-0462"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200308-176"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash). ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. Therefore, it cannot be read originally setuid It is possible to create an executable file with a bit assigned as a new executable file by changing the owner. As a result, local attackers who exploit this issue cannot read it setuid It is possible to read an executable file with a bit attached. At this time, it has been reported that this issue could potentially be used to execute arbitrary code with elevated privileges.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. The problem lies in the atomicity of placing a target executables file descriptor within the current process descriptor and executing the file. Linux is an open source operating system. The execve() function has the following code (fs/binfmt_elf.c): static int load_elf_binary(struct linux_binprm * bprm, struct pt_regs * regs) { struct file *interpreter = NULL; /* to shut gcc up */ [...] retval = kernel_read(bprm-\u003efile, elf_ex.e_phoff, (char *) elf_phdata, size); if (retval \u003c  0) goto out_free_ph; retval = get_unused_fd(); if (retval \u003c  0) goto out_free_ph; get_file(bprm- \u003efile); fd_install(elf_exec_fileno = retval, bprm-\u003efile); When executing a new binary program, put the open executable file descriptor into the file table of the current process (current execve() caller), and execute . This allows an attacker to read the contents of the suid program (even if the attacker does not have permission to read)",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2003-0462"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2003-000197"
      },
      {
        "db": "BID",
        "id": "8042"
      },
      {
        "db": "VULHUB",
        "id": "VHN-7290"
      }
    ],
    "trust": 1.98
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-7290",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-7290"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2003-0462",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "8042",
        "trust": 1.2
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2003-000197",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200308-176",
        "trust": 0.7
      },
      {
        "db": "DEBIAN",
        "id": "DSA-423",
        "trust": 0.6
      },
      {
        "db": "DEBIAN",
        "id": "DSA-358",
        "trust": 0.6
      },
      {
        "db": "REDHAT",
        "id": "RHSA-2003:239",
        "trust": 0.6
      },
      {
        "db": "REDHAT",
        "id": "RHSA-2003:238",
        "trust": 0.6
      },
      {
        "db": "REDHAT",
        "id": "RHSA-2003:198",
        "trust": 0.6
      },
      {
        "db": "OVAL",
        "id": "OVAL:ORG.MITRE.OVAL:DEF:309",
        "trust": 0.6
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-76634",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "22840",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-7290",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-7290"
      },
      {
        "db": "BID",
        "id": "8042"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2003-000197"
      },
      {
        "db": "NVD",
        "id": "CVE-2003-0462"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200308-176"
      }
    ]
  },
  "id": "VAR-200308-0094",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-7290"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T10:43:51.978000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "RHSA-2003:238",
        "trust": 0.8,
        "url": "https://rhn.redhat.com/errata/rhsa-2003-238.html"
      },
      {
        "title": "550 Kernel C10 Update 0.0.1",
        "trust": 0.8,
        "url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq550.eng\u0026amp;nav=patchpage"
      },
      {
        "title": "TLSA-2003-58",
        "trust": 0.8,
        "url": "http://www.turbolinux.com/security/2003/tlsa-2003-58.txt"
      },
      {
        "title": "RHSA-2003:238",
        "trust": 0.8,
        "url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-238j.html"
      },
      {
        "title": "TLSA-2003-58",
        "trust": 0.8,
        "url": "http://www.turbolinux.co.jp/security/2003/tlsa-2003-58j.txt"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2003-000197"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2003-0462"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.debian.org/security/2004/dsa-358"
      },
      {
        "trust": 1.7,
        "url": "http://www.debian.org/security/2004/dsa-423"
      },
      {
        "trust": 1.7,
        "url": "http://www.redhat.com/support/errata/rhsa-2003-198.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.redhat.com/support/errata/rhsa-2003-238.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.redhat.com/support/errata/rhsa-2003-239.html"
      },
      {
        "trust": 1.1,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a309"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0462"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0462"
      },
      {
        "trust": 0.8,
        "url": "http://www.securityfocus.com/bid/8042"
      },
      {
        "trust": 0.6,
        "url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:309"
      },
      {
        "trust": 0.3,
        "url": "http://archives.neohapsis.com/archives/vendor/2003-q3/0052.html"
      },
      {
        "trust": 0.3,
        "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000712"
      },
      {
        "trust": 0.3,
        "url": "http://rhn.redhat.com/errata/rhba-2003-263.html"
      },
      {
        "trust": 0.3,
        "url": "http://rhn.redhat.com/errata/rhsa-2003-198.html"
      },
      {
        "trust": 0.3,
        "url": "http://rhn.redhat.com/errata/rhsa-2003-239.html"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/326872"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-7290"
      },
      {
        "db": "BID",
        "id": "8042"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2003-000197"
      },
      {
        "db": "NVD",
        "id": "CVE-2003-0462"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200308-176"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-7290"
      },
      {
        "db": "BID",
        "id": "8042"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2003-000197"
      },
      {
        "db": "NVD",
        "id": "CVE-2003-0462"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200308-176"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2003-08-27T00:00:00",
        "db": "VULHUB",
        "id": "VHN-7290"
      },
      {
        "date": "2003-06-26T00:00:00",
        "db": "BID",
        "id": "8042"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2003-000197"
      },
      {
        "date": "2003-08-27T04:00:00",
        "db": "NVD",
        "id": "CVE-2003-0462"
      },
      {
        "date": "2003-06-06T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200308-176"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-10-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-7290"
      },
      {
        "date": "2009-07-11T22:56:00",
        "db": "BID",
        "id": "8042"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2003-000197"
      },
      {
        "date": "2017-10-11T01:29:10.433000",
        "db": "NVD",
        "id": "CVE-2003-0462"
      },
      {
        "date": "2005-10-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200308-176"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "8042"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200308-176"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Linux Kernel of  execve Vulnerability that causes a race condition in system calls",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2003-000197"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "competitive condition",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200308-176"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.