EDB-22131
remotebsdVERIFIED
Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure
CVE-2003-0001
Jon Hart3/23/2007
CVE-2003-0001
NONEMultiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using mal
Published: 1/17/2003Updated: 4/3/2025
Description
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
AI AnalysisPowered by AI
Affected Products
freebsdfreebsd
4.2
freebsdfreebsd
4.3
freebsdfreebsd
4.4
freebsdfreebsd
4.5
freebsdfreebsd
4.6
freebsdfreebsd
4.7
linuxlinux_kernel
2.4.1
linuxlinux_kernel
2.4.2
linuxlinux_kernel
2.4.3
linuxlinux_kernel
2.4.4
linuxlinux_kernel
2.4.5
linuxlinux_kernel
2.4.6
linuxlinux_kernel
2.4.7
linuxlinux_kernel
2.4.8
linuxlinux_kernel
2.4.9
linuxlinux_kernel
2.4.10
linuxlinux_kernel
2.4.11
linuxlinux_kernel
2.4.12
linuxlinux_kernel
2.4.13
linuxlinux_kernel
2.4.14
linuxlinux_kernel
2.4.15
linuxlinux_kernel
2.4.16
linuxlinux_kernel
2.4.17
linuxlinux_kernel
2.4.18
linuxlinux_kernel
2.4.19
linuxlinux_kernel
2.4.20
microsoftwindows_2000
microsoftwindows_2000
microsoftwindows_2000
microsoftwindows_2000_terminal_services
microsoftwindows_2000_terminal_services
microsoftwindows_2000_terminal_services
netbsdnetbsd
1.5
netbsdnetbsd
1.5.1
netbsdnetbsd
1.5.2
netbsdnetbsd
1.5.3
netbsdnetbsd
1.6
Available Exploits (3)
References
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html
- http://marc.info/?l=bugtraq&m=104222046632243&w=2
- http://secunia.com/advisories/7996
- http://www.atstake.com/research/advisories/2003/a010603-1.txtVendor Advisory
- http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf
- http://www.kb.cert.org/vuls/id/412115Third Party AdvisoryUS Government Resource
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.osvdb.org/9962
- http://www.redhat.com/support/errata/RHSA-2003-025.html
- http://www.redhat.com/support/errata/RHSA-2003-088.html
- http://www.securityfocus.com/archive/1/305335/30/26420/threaded
- http://www.securityfocus.com/archive/1/307564/30/26270/threaded
- http://www.securitytracker.com/id/1031583
- http://www.securitytracker.com/id/1040185
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2665
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html
- http://marc.info/?l=bugtraq&m=104222046632243&w=2
- http://secunia.com/advisories/7996
- http://www.atstake.com/research/advisories/2003/a010603-1.txtVendor Advisory
- http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf