PT-2003-1083 · Gnu · Glibc

Published

2003-11-12

·

Updated

2017-10-11

·

CVE-2003-0859

CVSS v2.0

7.5

High

VectorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions glibc versions 2.2.4 and earlier glibc versions 2.2.5 glibc versions 2.3.2
Description The issue allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. Multiple vulnerabilities in the glibc package of Red Hat Linux can lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely.
Recommendations For glibc versions 2.2.4 and earlier, update to a version later than 2.2.4 to resolve the issue. For glibc versions 2.2.5, update to a version later than 2.2.5 to resolve the issue. For glibc versions 2.3.2, update to a version later than 2.3.2 to resolve the issue. As a temporary workaround, consider restricting access to the kernel netlink interface to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

BDU:2015-07994
BDU:2015-07995
BDU:2015-07996
BDU:2015-07997
BDU:2015-07998
BDU:2015-07999
BDU:2015-08000
BDU:2015-08001
BDU:2015-08002
BDU:2015-08003
BDU:2015-08005
BDU:2015-08006
BDU:2015-08007
BDU:2015-08009
BDU:2015-08010
BDU:2015-08011
BDU:2015-08012
BDU:2015-08013
CVE-2003-0859

Affected Products

Glibc