EDB-22131
remotebsdVERIFIED
Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure
CVE-2003-0001
Jon Hart3/23/2007
CVE-2003-0001
NONEMultiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using mal
Publicado: 1/17/2003Atualizado: 4/3/2025
Descrição
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
Análise IADesenvolvido por IA
Produtos Afetados
freebsdfreebsd
4.2
freebsdfreebsd
4.3
freebsdfreebsd
4.4
freebsdfreebsd
4.5
freebsdfreebsd
4.6
freebsdfreebsd
4.7
linuxlinux_kernel
2.4.1
linuxlinux_kernel
2.4.2
linuxlinux_kernel
2.4.3
linuxlinux_kernel
2.4.4
linuxlinux_kernel
2.4.5
linuxlinux_kernel
2.4.6
linuxlinux_kernel
2.4.7
linuxlinux_kernel
2.4.8
linuxlinux_kernel
2.4.9
linuxlinux_kernel
2.4.10
linuxlinux_kernel
2.4.11
linuxlinux_kernel
2.4.12
linuxlinux_kernel
2.4.13
linuxlinux_kernel
2.4.14
linuxlinux_kernel
2.4.15
linuxlinux_kernel
2.4.16
linuxlinux_kernel
2.4.17
linuxlinux_kernel
2.4.18
linuxlinux_kernel
2.4.19
linuxlinux_kernel
2.4.20
microsoftwindows_2000
microsoftwindows_2000
microsoftwindows_2000
microsoftwindows_2000_terminal_services
microsoftwindows_2000_terminal_services
microsoftwindows_2000_terminal_services
netbsdnetbsd
1.5
netbsdnetbsd
1.5.1
netbsdnetbsd
1.5.2
netbsdnetbsd
1.5.3
netbsdnetbsd
1.6
Exploits Disponíveis (3)
Referências
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html
- http://marc.info/?l=bugtraq&m=104222046632243&w=2
- http://secunia.com/advisories/7996
- http://www.atstake.com/research/advisories/2003/a010603-1.txtVendor Advisory
- http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf
- http://www.kb.cert.org/vuls/id/412115Third Party AdvisoryUS Government Resource
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.osvdb.org/9962
- http://www.redhat.com/support/errata/RHSA-2003-025.html
- http://www.redhat.com/support/errata/RHSA-2003-088.html
- http://www.securityfocus.com/archive/1/305335/30/26420/threaded
- http://www.securityfocus.com/archive/1/307564/30/26270/threaded
- http://www.securitytracker.com/id/1031583
- http://www.securitytracker.com/id/1040185
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2665
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html
- http://marc.info/?l=bugtraq&m=104222046632243&w=2
- http://secunia.com/advisories/7996
- http://www.atstake.com/research/advisories/2003/a010603-1.txtVendor Advisory
- http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf