var-200312-0223
Vulnerability from variot
iproute 2.4.7 and earlier allows local users to cause a denial of service via spoofed messages as other users to the kernel netlink interface. Red Hat Linux Included in iproute In Linux Netlink Check for messages via the interface is improper, so forged messages Linux Netlink There are vulnerabilities that will be accepted if received via the interface.proute A command included in the package interferes with service operation (DoS) It may be in a state. A problem has been discovered in iproute when handling messages from the kernel. Because of this, it may be possible for an attacker to deny service to legitimate users of a system. iproute is an advanced IP routing and network device configuration tool. No detailed vulnerability details are currently available
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200312-0223",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "iproute",
"scope": "lte",
"trust": 1.0,
"vendor": "stephen hemminger",
"version": "2.4.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "9"
},
{
"model": "iproute",
"scope": "eq",
"trust": 0.6,
"vendor": "stephen hemminger",
"version": "2.4.7"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "linux database server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "9.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "8.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "linux ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "linux pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.1"
},
{
"model": "linux iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.1"
},
{
"model": "linux mandrake amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.0"
},
{
"model": "linux mandrake amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.2"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.2"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "mischler iproute",
"scope": "eq",
"trust": 0.3,
"vendor": "david",
"version": "2.4.7"
},
{
"model": "mischler iproute",
"scope": "eq",
"trust": 0.3,
"vendor": "david",
"version": "2.2.4"
},
{
"model": "mischler iproute",
"scope": "eq",
"trust": 0.3,
"vendor": "david",
"version": "20010824"
}
],
"sources": [
{
"db": "BID",
"id": "9092"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000356"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-048"
},
{
"db": "NVD",
"id": "CVE-2003-0856"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:redhat:linux",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000356"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Herbert Xu",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200312-048"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0856",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2003-0856",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-7681",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2003-0856",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2003-0856",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200312-048",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-7681",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7681"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000356"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-048"
},
{
"db": "NVD",
"id": "CVE-2003-0856"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iproute 2.4.7 and earlier allows local users to cause a denial of service via spoofed messages as other users to the kernel netlink interface. Red Hat Linux Included in iproute In Linux Netlink Check for messages via the interface is improper, so forged messages Linux Netlink There are vulnerabilities that will be accepted if received via the interface.proute A command included in the package interferes with service operation (DoS) It may be in a state. A problem has been discovered in iproute when handling messages from the kernel. Because of this, it may be possible for an attacker to deny service to legitimate users of a system. iproute is an advanced IP routing and network device configuration tool. No detailed vulnerability details are currently available",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0856"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000356"
},
{
"db": "BID",
"id": "9092"
},
{
"db": "VULHUB",
"id": "VHN-7681"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2003-0856",
"trust": 2.8
},
{
"db": "BID",
"id": "9092",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1008173",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000356",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200312-048",
"trust": 0.7
},
{
"db": "SUSE",
"id": "SUSE-SR:2005:001",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-492",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:317",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:316",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2004-115",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:10912",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-7681",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7681"
},
{
"db": "BID",
"id": "9092"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000356"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-048"
},
{
"db": "NVD",
"id": "CVE-2003-0856"
}
]
},
"id": "VAR-200312-0223",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-7681"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:34:24.955000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "RHSA-2003:316",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2003-316.html"
},
{
"title": "RHSA-2003:316",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2003-316J.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000356"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0856"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.debian.org/security/2004/dsa-492"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-may/msg00004.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2003-316.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2003-317.html"
},
{
"trust": 1.7,
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10912"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0856"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0856"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/9092"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/alerts/2003/nov/1008173.html"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:10912"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7681"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000356"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-048"
},
{
"db": "NVD",
"id": "CVE-2003-0856"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-7681"
},
{
"db": "BID",
"id": "9092"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000356"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-048"
},
{
"db": "NVD",
"id": "CVE-2003-0856"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-12-15T00:00:00",
"db": "VULHUB",
"id": "VHN-7681"
},
{
"date": "2003-11-24T00:00:00",
"db": "BID",
"id": "9092"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000356"
},
{
"date": "2003-11-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200312-048"
},
{
"date": "2003-12-15T05:00:00",
"db": "NVD",
"id": "CVE-2003-0856"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-7681"
},
{
"date": "2009-07-12T00:56:00",
"db": "BID",
"id": "9092"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000356"
},
{
"date": "2005-12-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200312-048"
},
{
"date": "2017-10-11T01:29:15.527000",
"db": "NVD",
"id": "CVE-2003-0856"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "9092"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-048"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat Linux of iproute Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000356"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200312-048"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.