Vulnerability Name:
CVE-2003-0476 (CCN-12447)
Assigned:
2003-06-26
Published:
2003-06-26
Updated:
2018-05-03
Summary:
The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors.
CVSS v3 Severity:
4.0 Medium
(CCN CVSS v3.1 Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
)
Exploitability Metrics:
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
Low
Integrity (I):
None
Availibility (A):
None
CVSS v2 Severity:
2.1 Low
(CVSS v2 Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N
)
Exploitability Metrics:
Access Vector (AV):
Local
Access Complexity (AC):
Low
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
None
Availibility (A):
None
2.1 Low
(CCN CVSS v2 Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N
)
Exploitability Metrics:
Access Vector (AV):
Local
Access Complexity (AC):
Low
Athentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
None
Availibility (A):
None
Vulnerability Type:
CWE-Other
Vulnerability Consequences:
Gain Privileges
References:
Source: CCN
Type: BugTraq Mailing List, Thu Jun 26 2003 - 12:24:23 CDT
Linux 2.4.x execve() file read race vulnerability
Source: MITRE
Type: CNA
CVE-2003-0476
Source: CCN
Type: Conectiva Linux Security Announcement CLSA-2003:796
kernel
Source: BUGTRAQ
Type: UNKNOWN
20030626 Linux 2.4.x execve() file read race vulnerability
Source: CCN
Type: RHSA-2003-238
Updated 2.4 kernel fixes vulnerabilities
Source: CCN
Type: RHSA-2003-368
Updated IA64 kernel packages address security vulnerabilities
Source: CCN
Type: RHSA-2003-408
Updated kernel packages address security vulnerabilities
Source: CCN
Type: CIAC Information Bulletin N-122
Red Hat Updated 2.4 Kernel Fixes Vulnerabilities
Source: CCN
Type: CIAC Information Bulletin O-031
Red Hat Updated 2.4 Kernel Fixes Privilege Escalation Security Vulnerability
Source: CCN
Type: CIAC Information Bulletin O-043
Red Hat Updated Kernel Packages
Source: CCN
Type: CIAC Information Bulletin O-059
Debian Linux-Kernel-2.4.14-ia64 Vulnerabilities
Source: DEBIAN
Type: UNKNOWN
DSA-358
Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-423
Source: DEBIAN
Type: DSA-358
linux-kernel-2.4.18 -- several vulnerabilities
Source: DEBIAN
Type: DSA-423
linux-kernel-2.4.17-ia64 -- several vulnerabilities
Source: MANDRAKE
Type: UNKNOWN
MDKSA-2003:074
Source: REDHAT
Type: UNKNOWN
RHSA-2003:238
Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2003:368
Source: REDHAT
Type: UNKNOWN
RHSA-2003:408
Source: CCN
Type: BID-8042
Linux 2.4 Kernel execve() System Call Race Condition Vulnerability
Source: CCN
Type: BID-8233
Multiple Linux 2.4 Kernel Vulnerabilities
Source: XF
Type: UNKNOWN
linux-execve-gain-privileges(12447)
Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:327
Source: SUSE
Type: SUSE-SA:2003:034
kernel: local privilege escalation remote Denial of Service (DoS)
Vulnerable Configuration:
Configuration 1
:
cpe:/o:linux:linux_kernel:2.4.0:-:*:*:*:*:*:*
Configuration CCN 1
:
cpe:/o:linux:linux_kernel:2.4.0:-:*:*:*:*:*:*
AND
cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*
OR
cpe:/o:suse:suse_linux:7.2:*:*:*:*:*:*:*
OR
cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*
OR
cpe:/o:suse:suse_linux:7.3:*:*:*:*:*:*:*
OR
cpe:/o:engardelinux:secure_linux:-:*:*:*:*:*:*:*
OR
cpe:/a:suse:suse_linux_firewall:*:*:*:*:*:*:*:*
OR
cpe:/a:suse:suse_linux_database_server:*:*:*:*:*:*:*:*
OR
cpe:/a:suse:suse_email_server:iii:*:*:*:*:*:*:*
OR
cpe:/a:suse:suse_linux_connectivity_server:*:*:*:*:*:*:*:*
OR
cpe:/o:suse:suse_linux:8.0:*:*:*:*:*:*:*
OR
cpe:/o:conectiva:linux:8.0:*:*:*:*:*:*:*
OR
cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*
OR
cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*
OR
cpe:/o:engardelinux:secure_professional:-:*:*:*:*:*:*:*
OR
cpe:/a:suse:suse_linux_office_server:*:*:*:*:*:*:*:*
OR
cpe:/o:redhat:linux:8.0:*:*:*:*:*:*:*
OR
cpe:/a:suse:suse_email_server:3.1:*:*:*:*:*:*:*
OR
cpe:/o:suse:suse_linux:8.1:*:*:*:*:*:*:*
OR
cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
OR
cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
OR
cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
OR
cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
OR
cpe:/o:redhat:linux:9.0:*:*:*:*:*:*:*
OR
cpe:/o:suse:suse_linux:8.2:*:*:*:*:*:*:*
OR
cpe:/o:conectiva:linux:9.0:*:*:*:*:*:*:*
OR
cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
Denotes that component is vulnerable
Oval Definitions
Definition ID
Class
Title
Last Modified
oval:org.cisecurity:def:532
P
DSA-358-4 -- linux-kernel-2.4.18 -- several vulnerabilities
2016-07-01
oval:org.opensuse.security:def:20030476
V
CVE-2003-0476
2015-11-16
oval:org.mitre.oval:def:327
V
Linux Kernel execve Read Access to Restricted File Descriptors
2014-06-09
oval:org.debian:def:358
V
several vulnerabilities
2013-01-21
oval:org.debian:def:423
V
several vulnerabilities
2004-01-15
BACK
linux
linux kernel 2.4.0
linux
linux kernel 2.4.0
redhat
linux 7.1
suse
suse linux 7.2
redhat
linux 7.2
suse
suse linux 7.3
engardelinux
secure linux -
suse
suse linux firewall *
suse
suse linux database server *
suse
suse email server iii
suse
suse linux connectivity server *
suse
suse linux 8.0
conectiva
linux 8.0
redhat
linux 7.3
debian
debian linux 3.0
engardelinux
secure professional -
suse
suse linux office server *
redhat
linux 8.0
suse
suse email server 3.1
suse
suse linux 8.1
suse
linux enterprise server 8
redhat
enterprise linux 2.1
redhat
enterprise linux 2.1
redhat
enterprise linux 2.1
redhat
linux 9.0
suse
suse linux 8.2
conectiva
linux 9.0
redhat
linux advanced workstation 2.1
Denotes that component is vulnerable