Vulnerabilities > CVE-2003-0619 - Unspecified vulnerability in Linux Kernel
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call.
Vulnerable Configurations
Exploit-Db
description | Linux Kernel <= 2.4.20 decode_fh Denial of Service Exploit. CVE-2003-0619. Dos exploit for linux platform |
id | EDB-ID:68 |
last seen | 2016-01-31 |
modified | 2003-07-29 |
published | 2003-07-29 |
reporter | Jared Stanbrough |
source | https://www.exploit-db.com/download/68/ |
title | Linux Kernel <= 2.4.20 - decode_fh Denial of Service Exploit |
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-358.NASL description A number of vulnerabilities have been discovered in the Linux kernel. - CAN-2003-0461: /proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords. This bug has been fixed by restricting access to /proc/tty/driver/serial. - CAN-2003-0462: A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash). - CAN-2003-0476: The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors. - CAN-2003-0501: The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries. - CAN-2003-0550: The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology. This bug has been fixed by disabling STP by default. - CAN-2003-0551: The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology. - CAN-2003-0552: Linux 2.4.x allows remote attackers to spoof the bridge forwarding table via forged packets whose source addresses are the same as the target. - CAN-2003-0018: Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows local attackers with write privileges to read portions of previously deleted files, or cause file system corruption. This bug has been fixed by disabling O_DIRECT. - CAN-2003-0619: Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call. This advisory covers only the i386 and alpha architectures. Other architectures will be covered by separate advisories. last seen 2020-06-01 modified 2020-06-02 plugin id 15195 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15195 title Debian DSA-358-4 : linux-kernel-2.4.18 - several vulnerabilities NASL family Denial of Service NASL id KNFS_DOS.NASL description The remote host is running knfsd, a kernel NFS daemon. There is a vulnerability in this version that may allow an attacker to cause a kernel panic on the remote host by sending a malformed GETATTR request with an invalid length field. last seen 2020-06-01 modified 2020-06-02 plugin id 11813 published 2003-08-01 reporter This script is Copyright (C) 2003-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/11813 title Linux 2.4 NFSv3 knfsd Malformed GETATTR Request Remote DoS NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2003-239.NASL description Updated kernel packages that address various security vulnerabilities are now available for Red Hat Enterprise Linux. The Linux kernel handles the basic functions of the operating system. Security issues have been found that affect the versions of the Linux kernel shipped with Red Hat Enterprise Linux : CVE-2003-0462: Paul Starzetz discovered a file read race condition existing in the execve() system call, which could cause a local crash. CVE-2003-0501: The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program. This causes the program to fail to change the ownership and permissions of already opened entries. CVE-2003-0550: The STP protocol is known to have no security, which could allow attackers to alter the bridge topology. STP is now turned off by default. CVE-2003-0551: STP input processing was lax in its length checking, which could lead to a denial of service (DoS). CVE-2003-0552: Jerry Kreuscher discovered that the Forwarding table could be spoofed by sending forged packets with bogus source addresses the same as the local host. CVE-2003-0619: An integer signedness error in the decode_fh function of nfs3xdr.c allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call. CVE-2003-0699: The C-Media PCI sound driver in Linux kernel versions prior to 2.4.21 accesses userspace without using the get_user function, which is a potential security hole. All users are advised to upgrade to these erratum packages, which contain backported security patches correcting these vulnerabilities. last seen 2020-06-01 modified 2020-06-02 plugin id 12410 published 2004-07-06 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/12410 title RHEL 2.1 : kernel (RHSA-2003:239)
Oval
accepted | 2007-04-25T19:52:28.400-04:00 | ||||||||||||
class | vulnerability | ||||||||||||
contributors |
| ||||||||||||
description | Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call. | ||||||||||||
family | unix | ||||||||||||
id | oval:org.mitre.oval:def:386 | ||||||||||||
status | accepted | ||||||||||||
submitted | 2003-09-25T12:00:00.000-04:00 | ||||||||||||
title | Lunix Kernel NFSv3 Procedure Kernel Panic Vulnerability | ||||||||||||
version | 37 |
Redhat
advisories |
|