EDB-22131
remotebsdVERIFIED
Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure
CVE-2003-0001
Jon Hart3/23/2007
CVE-2003-0001
NONEMultiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using mal
Veröffentlicht: 1/17/2003Aktualisiert: 4/3/2025
Beschreibung
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
KI-AnalyseKI-gestützt
Betroffene Produkte
freebsdfreebsd
4.2
freebsdfreebsd
4.3
freebsdfreebsd
4.4
freebsdfreebsd
4.5
freebsdfreebsd
4.6
freebsdfreebsd
4.7
linuxlinux_kernel
2.4.1
linuxlinux_kernel
2.4.2
linuxlinux_kernel
2.4.3
linuxlinux_kernel
2.4.4
linuxlinux_kernel
2.4.5
linuxlinux_kernel
2.4.6
linuxlinux_kernel
2.4.7
linuxlinux_kernel
2.4.8
linuxlinux_kernel
2.4.9
linuxlinux_kernel
2.4.10
linuxlinux_kernel
2.4.11
linuxlinux_kernel
2.4.12
linuxlinux_kernel
2.4.13
linuxlinux_kernel
2.4.14
linuxlinux_kernel
2.4.15
linuxlinux_kernel
2.4.16
linuxlinux_kernel
2.4.17
linuxlinux_kernel
2.4.18
linuxlinux_kernel
2.4.19
linuxlinux_kernel
2.4.20
microsoftwindows_2000
microsoftwindows_2000
microsoftwindows_2000
microsoftwindows_2000_terminal_services
microsoftwindows_2000_terminal_services
microsoftwindows_2000_terminal_services
netbsdnetbsd
1.5
netbsdnetbsd
1.5.1
netbsdnetbsd
1.5.2
netbsdnetbsd
1.5.3
netbsdnetbsd
1.6
Verfügbare Exploits (3)
Referenzen
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html
- http://marc.info/?l=bugtraq&m=104222046632243&w=2
- http://secunia.com/advisories/7996
- http://www.atstake.com/research/advisories/2003/a010603-1.txtVendor Advisory
- http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf
- http://www.kb.cert.org/vuls/id/412115Third Party AdvisoryUS Government Resource
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.osvdb.org/9962
- http://www.redhat.com/support/errata/RHSA-2003-025.html
- http://www.redhat.com/support/errata/RHSA-2003-088.html
- http://www.securityfocus.com/archive/1/305335/30/26420/threaded
- http://www.securityfocus.com/archive/1/307564/30/26270/threaded
- http://www.securitytracker.com/id/1031583
- http://www.securitytracker.com/id/1040185
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2665
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html
- http://marc.info/?l=bugtraq&m=104222046632243&w=2
- http://secunia.com/advisories/7996
- http://www.atstake.com/research/advisories/2003/a010603-1.txtVendor Advisory
- http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf