VAR-200312-0223
Vulnerability from variot - Updated: 2023-12-18 11:17iproute 2.4.7 and earlier allows local users to cause a denial of service via spoofed messages as other users to the kernel netlink interface. Red Hat Linux Included in iproute In Linux Netlink Check for messages via the interface is improper, so forged messages Linux Netlink There are vulnerabilities that will be accepted if received via the interface.proute A command included in the package interferes with service operation (DoS) It may be in a state. A problem has been discovered in iproute when handling messages from the kernel. Because of this, it may be possible for an attacker to deny service to legitimate users of a system. iproute is an advanced IP routing and network device configuration tool. No detailed vulnerability details are currently available
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200312-0223",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "iproute",
"scope": "lte",
"trust": 1.0,
"vendor": "stephen hemminger",
"version": "2.4.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "9"
},
{
"model": "iproute",
"scope": "eq",
"trust": 0.6,
"vendor": "stephen hemminger",
"version": "2.4.7"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "linux database server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "9.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "8.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "linux ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "linux pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.1"
},
{
"model": "linux iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.1"
},
{
"model": "linux mandrake amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.0"
},
{
"model": "linux mandrake amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.2"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.2"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "mischler iproute",
"scope": "eq",
"trust": 0.3,
"vendor": "david",
"version": "2.4.7"
},
{
"model": "mischler iproute",
"scope": "eq",
"trust": 0.3,
"vendor": "david",
"version": "2.2.4"
},
{
"model": "mischler iproute",
"scope": "eq",
"trust": 0.3,
"vendor": "david",
"version": "20010824"
}
],
"sources": [
{
"db": "BID",
"id": "9092"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000356"
},
{
"db": "NVD",
"id": "CVE-2003-0856"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-048"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:stephen_hemminger:iproute:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.4.7",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0856"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Herbert Xu",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200312-048"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0856",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 4.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2003-0856",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-7681",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0856",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200312-048",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-7681",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7681"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000356"
},
{
"db": "NVD",
"id": "CVE-2003-0856"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-048"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iproute 2.4.7 and earlier allows local users to cause a denial of service via spoofed messages as other users to the kernel netlink interface. Red Hat Linux Included in iproute In Linux Netlink Check for messages via the interface is improper, so forged messages Linux Netlink There are vulnerabilities that will be accepted if received via the interface.proute A command included in the package interferes with service operation (DoS) It may be in a state. A problem has been discovered in iproute when handling messages from the kernel. Because of this, it may be possible for an attacker to deny service to legitimate users of a system. iproute is an advanced IP routing and network device configuration tool. No detailed vulnerability details are currently available",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0856"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000356"
},
{
"db": "BID",
"id": "9092"
},
{
"db": "VULHUB",
"id": "VHN-7681"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2003-0856",
"trust": 2.8
},
{
"db": "BID",
"id": "9092",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1008173",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000356",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200312-048",
"trust": 0.7
},
{
"db": "SUSE",
"id": "SUSE-SR:2005:001",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-492",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:317",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:316",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2004-115",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:10912",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-7681",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7681"
},
{
"db": "BID",
"id": "9092"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000356"
},
{
"db": "NVD",
"id": "CVE-2003-0856"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-048"
}
]
},
"id": "VAR-200312-0223",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-7681"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:17:58.642000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "RHSA-2003:316",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2003-316.html"
},
{
"title": "RHSA-2003:316",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-316j.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000356"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0856"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.debian.org/security/2004/dsa-492"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-may/msg00004.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2003-316.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2003-317.html"
},
{
"trust": 1.7,
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10912"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0856"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0856"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/9092"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/alerts/2003/nov/1008173.html"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:10912"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7681"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000356"
},
{
"db": "NVD",
"id": "CVE-2003-0856"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-048"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-7681"
},
{
"db": "BID",
"id": "9092"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000356"
},
{
"db": "NVD",
"id": "CVE-2003-0856"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-048"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-12-15T00:00:00",
"db": "VULHUB",
"id": "VHN-7681"
},
{
"date": "2003-11-24T00:00:00",
"db": "BID",
"id": "9092"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000356"
},
{
"date": "2003-12-15T05:00:00",
"db": "NVD",
"id": "CVE-2003-0856"
},
{
"date": "2003-11-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200312-048"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-7681"
},
{
"date": "2009-07-12T00:56:00",
"db": "BID",
"id": "9092"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000356"
},
{
"date": "2017-10-11T01:29:15.527000",
"db": "NVD",
"id": "CVE-2003-0856"
},
{
"date": "2005-12-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200312-048"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "9092"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-048"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat Linux of iproute Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000356"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200312-048"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…