EDB-22131
remotebsdVERIFIED
Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure
CVE-2003-0001
Jon Hart3/23/2007
CVE-2003-0001
NONEMultiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using mal
Publicado: 1/17/2003Actualizado: 4/3/2025
Descripción
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
Análisis IAImpulsado por IA
Productos Afectados
freebsdfreebsd
4.2
freebsdfreebsd
4.3
freebsdfreebsd
4.4
freebsdfreebsd
4.5
freebsdfreebsd
4.6
freebsdfreebsd
4.7
linuxlinux_kernel
2.4.1
linuxlinux_kernel
2.4.2
linuxlinux_kernel
2.4.3
linuxlinux_kernel
2.4.4
linuxlinux_kernel
2.4.5
linuxlinux_kernel
2.4.6
linuxlinux_kernel
2.4.7
linuxlinux_kernel
2.4.8
linuxlinux_kernel
2.4.9
linuxlinux_kernel
2.4.10
linuxlinux_kernel
2.4.11
linuxlinux_kernel
2.4.12
linuxlinux_kernel
2.4.13
linuxlinux_kernel
2.4.14
linuxlinux_kernel
2.4.15
linuxlinux_kernel
2.4.16
linuxlinux_kernel
2.4.17
linuxlinux_kernel
2.4.18
linuxlinux_kernel
2.4.19
linuxlinux_kernel
2.4.20
microsoftwindows_2000
microsoftwindows_2000
microsoftwindows_2000
microsoftwindows_2000_terminal_services
microsoftwindows_2000_terminal_services
microsoftwindows_2000_terminal_services
netbsdnetbsd
1.5
netbsdnetbsd
1.5.1
netbsdnetbsd
1.5.2
netbsdnetbsd
1.5.3
netbsdnetbsd
1.6
Exploits Disponibles (3)
Referencias
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html
- http://marc.info/?l=bugtraq&m=104222046632243&w=2
- http://secunia.com/advisories/7996
- http://www.atstake.com/research/advisories/2003/a010603-1.txtVendor Advisory
- http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf
- http://www.kb.cert.org/vuls/id/412115Third Party AdvisoryUS Government Resource
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.osvdb.org/9962
- http://www.redhat.com/support/errata/RHSA-2003-025.html
- http://www.redhat.com/support/errata/RHSA-2003-088.html
- http://www.securityfocus.com/archive/1/305335/30/26420/threaded
- http://www.securityfocus.com/archive/1/307564/30/26270/threaded
- http://www.securitytracker.com/id/1031583
- http://www.securitytracker.com/id/1040185
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2665
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html
- http://marc.info/?l=bugtraq&m=104222046632243&w=2
- http://secunia.com/advisories/7996
- http://www.atstake.com/research/advisories/2003/a010603-1.txtVendor Advisory
- http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf