Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
References
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:43
Type | Values Removed | Values Added |
---|---|---|
References | () http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html - | |
References | () http://marc.info/?l=bugtraq&m=104222046632243&w=2 - | |
References | () http://secunia.com/advisories/7996 - | |
References | () http://www.atstake.com/research/advisories/2003/a010603-1.txt - Vendor Advisory | |
References | () http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf - | |
References | () http://www.kb.cert.org/vuls/id/412115 - Third Party Advisory, US Government Resource | |
References | () http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html - | |
References | () http://www.osvdb.org/9962 - | |
References | () http://www.redhat.com/support/errata/RHSA-2003-025.html - | |
References | () http://www.redhat.com/support/errata/RHSA-2003-088.html - | |
References | () http://www.securityfocus.com/archive/1/305335/30/26420/threaded - | |
References | () http://www.securityfocus.com/archive/1/307564/30/26270/threaded - | |
References | () http://www.securitytracker.com/id/1031583 - | |
References | () http://www.securitytracker.com/id/1040185 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2665 - |
Information
Published : 2003-01-17 05:00
Updated : 2024-11-20 23:43
NVD link : CVE-2003-0001
Mitre link : CVE-2003-0001
CVE.ORG link : CVE-2003-0001
JSON object : View
Products Affected
netbsd
- netbsd
microsoft
- windows_2000_terminal_services
- windows_2000
linux
- linux_kernel
freebsd
- freebsd
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor