Main Vulnerability Database Vulnerabilities #VU95661

Security restrictions bypass in Linux kernel - CVE-2003-0464

Published: August 27, 2003 / Updated: May 3, 2018

Vulnerability identifier: #VU95661

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2003-0464

CWE-ID: CWE-264

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Linux kernel

Software vendor:
Linux Foundation

Description

The vulnerability allows a local user to read and manipulate data.

The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow local users to bind to UDP ports that are used by privileged services such as nfsd.

Remediation

Install update from vendor's repository.

External links

http://www.redhat.com/support/errata/RHSA-2003-238.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A311

Security restrictions bypass in Linux kernel - CVE-2003-0464

Description

Remediation

External links

Please verify you're human