Vulnerability CVE-2001-1395

Vulnerability Name:

CVE-2001-1395 (CCN-11166)

Assigned:

2001-04-09

Published:

2001-04-09

Updated:

2016-12-08

Summary:

Unknown vulnerability in sockfilter for Linux kernel before 2.2.19 related to "boundary cases," with unknown impact.

CVSS v3 Severity:

5.1 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

3.6 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

3.6 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-Other

Vulnerability Consequences:

Other

References:

Source: CCN
Type: Caldera Systems, Inc. Security Advisory CSSA-2001-012.0
several security problems in linux kernel

Source: CCN
Type: BugTraq Mailing List, Fri Jan 24 2003 - 14:07:44 CST
Blackboard 5.x & patched 5.x systems Password Retrieval

Source: MITRE
Type: CNA
CVE-2001-1395

Source: CCN
Type: Conectiva Linux Announcement CLSA-2001:394
kernel

Source: IMMUNIX
Type: UNKNOWN
IMNX-2001-70-010-01

Source: CALDERA
Type: UNKNOWN
CSSA-2001-012.0

Source: BUGTRAQ
Type: UNKNOWN
20010405 Trustix Security Advisory #2001-0003 - kernel

Source: BUGTRAQ
Type: UNKNOWN
20010409 PROGENY-SA-2001-01: execve()/ptrace() exploit in Linux kernels

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2001:037

Source: CONECTIVA
Type: UNKNOWN
CLA-2001:394

Source: SUSE
Type: UNKNOWN
SuSE-SA:2001:018

Source: CCN
Type: Immunix OS Security Advisory IMNX-2001-70-010-01
kernel

Source: CCN
Type: Progeny Linux Systems Security Advisory PROGENY-SA-2001-01
execve()/ptrace() exploit in Linux kernels prior to 2.2.19

Source: CCN
Type: RHSA-2001-047
Linux kernel 2.2.19 now available

Source: CCN
Type: RHSA-2002-210
New kernel 2.2 packages fix local vulnerabilities

Source: DEBIAN
Type: DSA-047
kernel -- multiple security problems

Source: CCN
Type: The The Linux Kernel Archives Web site
The Linux Kernel Archives

Source: CONFIRM
Type: UNKNOWN
http://www.linux.org.uk/VERSION/relnotes.2219.html

Source: CCN
Type: OSVDB ID: 9578
Linux Kernel sockfilter Boundary Cases Unspecified Issue

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2001:047

Source: CCN
Type: SuSE Security Announcement SuSE-SA:2001:18
kernel

Source: CCN
Type: Trustix Secure Linux Security Advisory #2001-0003
kernel

Source: CCN
Type: USSG Indiana University Web Site
Linux 2.2.19 Release Notes

Source: CCN
Type: MandrakeSoft Security Advisory MDKSA-2001:037
Updated kernel packages fix a number of serious security flaws

Source: XF
Type: UNKNOWN
linux-sockfilter(11166)

Source: DEBIAN
Type: UNKNOWN
DSA-047

Vulnerable Configuration:

Configuration 1:

cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:* (Version <= 2.2.19)

Configuration CCN 1:

cpe:/o:linux:linux_kernel:2.2.0:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.2.1:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.2.13:pre15:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.2.5:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.2.19:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.2.14:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.2.2:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.2.3:*:*:*:*:*:*:*