Vulnerabilities > CVE-2003-0464 - Local Security vulnerability in Linux

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

redhat

NVD

Published: 2003-08-27

Updated: 2018-05-03

Summary

The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow local users to bind to UDP ports that are used by privileged services such as nfsd.

Vulnerable Configurations

Part	Description	Count
OS	Redhat Redhat Linux 7.1 Redhat Linux 7.2 Redhat Linux 7.3 Redhat Linux 8.0 Redhat Linux 9.0	5

Oval

accepted

2007-04-25T19:52:27.102-04:00

class

vulnerability

contributors

name Jay Beale
organization Bastille Linux
name Jay Beale
organization Bastille Linux
name Thomas R. Jones
organization Maitreya Security

description

The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow local users to bind to UDP ports that are used by privileged services such as nfsd.

family

unix

oval:org.mitre.oval:def:311

status

accepted

submitted

2003-09-26T12:00:00.000-04:00

title

Linux Kernel Reuse Flag Vulnerability

version

Redhat

advisories

rhsa

id	RHSA-2003:238

Summary

Vulnerable Configurations

Oval

Redhat

References