Vulnerabilities > CVE-2003-0859

047910
CVSS 4.9 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
local
low complexity
gnu
quagga
sgi
redhat
intel
nessus

Summary

The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.

Nessus

  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2003-002.NASL
    description: Herbert Xu reported that various applications can accept spoofed messages sent on the kernel netlink interface by other users on the local machine. This could lead to a local denial of service attack. The glibc function getifaddrs uses netlink and could therefore be vulnerable to this issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0859 to this issue. In addition to this this update fixes a couple of bugs. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 13661
    published: 2004-07-23
    reporter: This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/13661
    title: Fedora Core 1 : glibc-2.3.2-101.1 (2003-002)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2003-002.
    #
    
    include("compat.inc");
    
    # Registration pass: when `description` is set the plugin only declares its
    # metadata through the script_* calls below and then exits.
    if (description)
    {
      script_id(13661);
      script_version ("1.15");
      script_cvs_date("Date: 2019/08/02 13:32:23");
    
      # Only CVE-2003-0859 is mapped; the xref ties the check to the Fedora
      # advisory it was generated from.
      script_cve_id("CVE-2003-0859");
      script_xref(name:"FEDORA", value:"2003-002");
    
      script_name(english:"Fedora Core 1 : glibc-2.3.2-101.1 (2003-002)");
      # The summary states the method: installed rpm versions are compared; the
      # netlink handling in getifaddrs itself is not exercised by this plugin.
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora Core host is missing a security update."
      );
      # Advisory text as extracted from the Fedora advisory (see the file header).
      script_set_attribute(
        attribute:"description", 
        value:
    "Herbert Xu reported that various applications can accept spoofed
    messages sent on the kernel netlink interface by other users on the
    local machine. This could lead to a local denial of service attack.
    The glibc function getifaddrs uses netlink and could therefore be
    vulnerable to this issue. The Common Vulnerabilities and Exposures
    project (cve.mitre.org) has assigned the name CVE-2003-0859 to this
    issue.
    
    In addition to this this update fixes a couple of bugs.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      # https://lists.fedoraproject.org/pipermail/announce/2003-November/000004.html
      # NOTE(review): the value below is a nessus.org short link; presumably it
      # redirects to the announcement URL above - confirm before relying on it.
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?1510b84b"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      # CVSS v2 base vector: local access, low complexity, no authentication,
      # no confidentiality or integrity impact, complete availability impact.
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C");
    
      # Declared as a local check; the logic after this block reads only KB
      # items (release string, rpm list, cpu) and never probes the target.
      script_set_attribute(attribute:"plugin_type", value:"local");
      # One cpe attribute per package named in the advisory, then the platform.
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:glibc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:glibc-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:glibc-debug");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:glibc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:glibc-debuginfo-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:glibc-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:glibc-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:glibc-profile");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:glibc-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:nptl-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:nscd");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:1");
    
      # Only the patch and plugin publication dates are recorded here; no
      # vuln_publication_date attribute is set.
      script_set_attribute(attribute:"patch_publication_date", value:"2003/11/14");
      script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/23");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      # NOTE(review): ssh_get_info.nasl presumably populates the Host/* KB items
      # listed below; that script is not visible here.
      script_dependencies("ssh_get_info.nasl");
      # Host/cpu is read later in this script but is not among the required
      # keys; the check logic handles a missing value itself via isnull(cpu).
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    # Preconditions. Each guard hands a reason code to audit() (defined in
    # audit.inc, not shown here) when the host is out of scope for this check.
    if (!get_kb_item("Host/local_checks_enabled"))
    {
      audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    }

    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release)
    {
      audit(AUDIT_OS_NOT, "Fedora");
    }

    # Extract the release number from the banner and accept only release 1.
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver))
    {
      audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    }
    os_ver = os_ver[1];
    if (! ereg(pattern:"^1([^0-9]|$)", string:os_ver))
    {
      audit(AUDIT_OS_NOT, "Fedora 1.x", "Fedora " + os_ver);
    }

    if (!get_kb_item("Host/RedHat/rpm-list"))
    {
      audit(AUDIT_PACKAGE_LIST_MISSING);
    }

    # The architecture gate admits x86_64 and i386-i686 hosts, but every
    # rpm_check() call below passes cpu:"i386".
    # NOTE(review): how rpm_check() applies the cpu argument is defined in
    # rpm.inc (not shown); confirm what an x86_64 host is actually compared on.
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu))
    {
      audit(AUDIT_UNKNOWN_ARCH);
    }
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$")
    {
      audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    }

    # Fixed builds named by the advisory, checked in the original order.
    # A hit means "installed build is older than the fixed one"; the plugin
    # does not test the netlink behaviour described in the CVE.
    fixed_pkgs = make_list(
      "glibc-2.3.2-101.1",
      "glibc-common-2.3.2-101.1",
      "glibc-debug-2.3.2-101.1",
      "glibc-debuginfo-2.3.2-101.1",
      "glibc-debuginfo-common-2.3.2-101.1",
      "glibc-devel-2.3.2-101.1",
      "glibc-headers-2.3.2-101.1",
      "glibc-profile-2.3.2-101.1",
      "glibc-utils-2.3.2-101.1",
      "nptl-devel-2.3.2-101.1",
      "nscd-2.3.2-101.1"
    );

    flag = 0;
    foreach fixed_pkg (fixed_pkgs)
    {
      if (rpm_check(release:"FC1", cpu:"i386", reference:fixed_pkg)) flag++;
    }

    if (!flag)
    {
      # Nothing outdated: separate "tested and fine" from "not installed".
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc / glibc-common / glibc-debug / glibc-debuginfo / etc");
    }
    else
    {
      # At least one outdated package: raise a warning-level finding and
      # attach the rpm comparison report when verbosity allows it.
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRAKE_MDKSA-2004-148.NASL
    description: Herbert Xu discovered that iproute can accept spoofed messages sent via the kernel netlink interface by other users on the local machine. This could lead to a local Denial of Service attack. The updated packages have been patched to prevent this problem.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 15956
    published: 2004-12-14
    reporter: This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/15956
    title: Mandrake Linux Security Advisory : iproute2 (MDKSA-2004:148)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandrake Linux Security Advisory MDKSA-2004:148. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    # Registration pass: when `description` is set the plugin only declares its
    # metadata through the script_* calls below and then exits.
    if (description)
    {
      script_id(15956);
      script_version ("1.17");
      script_cvs_date("Date: 2019/08/02 13:32:47");
    
      # Three CVE ids are attached to this single plugin, yet the cpe list and
      # the package check further down name only iproute2. A finding from this
      # plugin therefore says nothing about the installed glibc build.
      script_cve_id("CVE-2003-0856", "CVE-2003-0858", "CVE-2003-0859");
      script_xref(name:"MDKSA", value:"2004:148");
    
      script_name(english:"Mandrake Linux Security Advisory : iproute2 (MDKSA-2004:148)");
      # The summary states the method: an installed rpm version is compared;
      # netlink message handling is not exercised by this plugin.
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Mandrake Linux host is missing a security update."
      );
      # Advisory text as extracted from MDKSA-2004:148 (see the file header).
      script_set_attribute(
        attribute:"description", 
        value:
    "Herbert Xu discovered that iproute can accept spoofed messages sent
    via the kernel netlink interface by other users on the local machine.
    This could lead to a local Denial of Service attack.
    
    The updated packages have been patched to prevent this problem."
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected iproute2 package."
      );
      # CVSS v2 base vector: local access, low complexity, no authentication,
      # no confidentiality or integrity impact, complete availability impact.
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C");
    
      # Declared as a local check; the logic after this block reads only KB
      # items (release string, rpm list, cpu) and never probes the target.
      script_set_attribute(attribute:"plugin_type", value:"local");
      # Package cpe first, then the two Mandrake Linux releases covered.
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:iproute2");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.2");
    
      # No see_also or vuln_publication_date attribute is set in this plugin.
      script_set_attribute(attribute:"patch_publication_date", value:"2004/12/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2004/12/14");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      # NOTE(review): ssh_get_info.nasl presumably populates the Host/* KB items
      # listed below; that script is not visible here.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
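    # Preconditions: local checks enabled, a Mandrake release string and an rpm
    # list present in the KB. Each guard hands a reason code to audit()
    # (defined in audit.inc, not shown here).
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandrake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    # Only amd64, i386-i686 and x86_64 hosts are evaluated; the regex is
    # anchored at both ends, so any other architecture string is audited out.
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    # Only the iproute2 package is compared, one fixed build per supported
    # release. The plugin is tagged with three CVE ids, so a hit here is an
    # "iproute2 build older than the fix" finding, not a statement about glibc.
    # NOTE(review): the meaning of the yank argument is defined in rpm.inc
    # (not shown) - confirm before changing it.
    flag = 0;
    if (rpm_check(release:"MDK10.0", reference:"iproute2-2.4.7-11.1.100mdk", yank:"mdk")) flag++;
    
    if (rpm_check(release:"MDK9.2", reference:"iproute2-2.4.7-11.1.92mdk", yank:"mdk")) flag++;
    
    
    if (flag)
    {
      # Outdated build found: raise a warning-level finding and attach the rpm
      # comparison report when verbosity allows it.
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    # A clean result is audited as a generic "host not affected"; it does not
    # distinguish an absent package from a patched one.
    else audit(AUDIT_HOST_NOT, "affected");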
    
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2003-334.NASL
    description: Updated glibc packages that resolve a vulnerability and address several bugs are now available. The glibc packages contain GNU libc, which provides standard system libraries. Herbert Xu reported that various applications can accept spoofed messages sent on the kernel netlink interface by other users on the local machine. This could lead to a local denial of service attack. The glibc function getifaddrs uses netlink and could therefore be vulnerable to this issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0859 to this issue. In addition to the security issues, a number of other bugs were fixed. Users are advised to upgrade to these erratum packages, which contain a patch that checks that netlink messages actually came from the kernel and patches for the various bug fixes.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 12434
    published: 2004-07-06
    reporter: This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/12434
    title: RHEL 3 : glibc (RHSA-2003:334)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2003:334. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    # Registration pass: when `description` is set the plugin only declares its
    # metadata through the script_* calls below and then exits.
    if (description)
    {
      script_id(12434);
      script_version ("1.26");
      script_cvs_date("Date: 2019/10/25 13:36:10");
    
      # Only CVE-2003-0859 is mapped; the xref ties the check to the Red Hat
      # advisory it was generated from.
      script_cve_id("CVE-2003-0859");
      script_xref(name:"RHSA", value:"2003:334");
    
      script_name(english:"RHEL 3 : glibc (RHSA-2003:334)");
      # The summary states the method: installed rpm versions are compared; the
      # netlink handling in getifaddrs itself is not exercised by this plugin.
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      # Advisory text as extracted from RHSA-2003:334 (see the file header). Its
      # last paragraph names the fix: the patched glibc checks that netlink
      # messages actually came from the kernel.
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated glibc packages that resolve a vulnerability and address
    several bugs are now available.
    
    The glibc packages contain GNU libc, which provides standard system
    libraries.
    
    Herbert Xu reported that various applications can accept spoofed
    messages sent on the kernel netlink interface by other users on the
    local machine. This could lead to a local denial of service attack.
    The glibc function getifaddrs uses netlink and could therefore be
    vulnerable to this issue. The Common Vulnerabilities and Exposures
    project (cve.mitre.org) has assigned the name CVE-2003-0859 to this
    issue.
    
    In addition to the security issues, a number of other bugs were fixed.
    
    Users are advised to upgrade to these erratum packages, which contain
    a patch that checks that netlink messages actually came from the
    kernel and patches for the various bug fixes."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2003-0859"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2003:334"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      # CVSS v2 base vector: local access, low complexity, no authentication,
      # no confidentiality or integrity impact, complete availability impact.
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C");
    
      # Declared as a local check; the logic after this block reads only KB
      # items (release string, rpm list, cpu, yum updateinfo) and never probes
      # the target.
      script_set_attribute(attribute:"plugin_type", value:"local");
      # One cpe attribute per package named in the advisory, then the platform.
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-profile");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nptl-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nscd");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");
    
      # NOTE(review): vuln_publication_date (2003/12/15) is later than
      # patch_publication_date (2003/11/13); the values are kept as generated -
      # confirm against the advisory before using them for timeline analysis.
      script_set_attribute(attribute:"vuln_publication_date", value:"2003/12/15");
      script_set_attribute(attribute:"patch_publication_date", value:"2003/11/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/06");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      # NOTE(review): ssh_get_info.nasl presumably populates the Host/* KB items
      # listed below; that script is not visible here.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    # Preconditions. Each guard hands a reason code to audit() (defined in
    # audit.inc, not shown here) when the host is out of scope for this check.
    if (!get_kb_item("Host/local_checks_enabled"))
    {
      audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    }

    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release)
    {
      audit(AUDIT_OS_NOT, "Red Hat");
    }

    # Extract the release number from the banner and accept only release 3.
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver))
    {
      audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    }
    os_ver = os_ver[1];
    if (! preg(pattern:"^3([^0-9]|$)", string:os_ver))
    {
      audit(AUDIT_OS_NOT, "Red Hat 3.x", "Red Hat " + os_ver);
    }

    if (!get_kb_item("Host/RedHat/rpm-list"))
    {
      audit(AUDIT_PACKAGE_LIST_MISSING);
    }

    # Architectures evaluated: x86_64, i386-i686 and anything containing "s390".
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu))
    {
      audit(AUDIT_UNKNOWN_ARCH);
    }
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu)
    {
      audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    }

    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (empty_or_null(yum_updateinfo))
    {
      # No yum updateinfo in the KB: fall back to comparing installed rpm
      # versions against the fixed builds named by the advisory. A hit means
      # "installed build is older than the fixed one"; the netlink behaviour
      # described in the CVE is not tested.
      fixed_pkgs = make_list(
        "glibc-2.3.2-95.6",
        "glibc-common-2.3.2-95.6",
        "glibc-devel-2.3.2-95.6",
        "glibc-headers-2.3.2-95.6",
        "glibc-profile-2.3.2-95.6",
        "glibc-utils-2.3.2-95.6",
        "nptl-devel-2.3.2-95.6",
        "nscd-2.3.2-95.6"
      );

      flag = 0;
      foreach fixed_pkg (fixed_pkgs)
      {
        if (rpm_check(release:"RHEL3", reference:fixed_pkg)) flag++;
      }

      if (!flag)
      {
        # Nothing outdated: separate "tested and fine" from "not installed".
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc / glibc-common / glibc-devel / glibc-headers / glibc-profile / etc");
      }
      else
      {
        # Outdated build found: warning-level finding carrying the rpm
        # comparison report plus the Red Hat package caveat text.
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
    }
    else
    {
      # yum updateinfo is present, so it alone decides the result: an empty
      # report for this RHSA ends the check without consulting the rpm list.
      rhsa = "RHSA-2003:334";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (empty_or_null(yum_report))
      {
        audit(AUDIT_OS_NOT, "affected by Red Hat security advisory " + rhsa);
      }
      else
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : yum_report
        );
        exit(0);
      }
    }
    

Oval

accepted: 2013-04-29T04:13:21.088-04:00
class: vulnerability
contributors
  • name: Aharon Chernin
    organization: SCAP.com, LLC
  • name: Dragos Prisaca
    organization: G2, Inc.
definition_extensions
  • comment: The operating system installed on the system is Red Hat Enterprise Linux 3
    oval: oval:org.mitre.oval:def:11782
  • comment: CentOS Linux 3.x
    oval: oval:org.mitre.oval:def:16651
description: The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
family: unix
id: oval:org.mitre.oval:def:11337
status: accepted
submitted: 2010-07-09T03:56:16-04:00
title: The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
version: 27

Redhat

advisories
  • rhsa
    id: RHSA-2003:325
  • rhsa
    id: RHSA-2003:334
rpms
  • glibc-0:2.3.2-95.6
  • glibc-common-0:2.3.2-95.6
  • glibc-debuginfo-0:2.3.2-95.6
  • glibc-debuginfo-common-0:2.3.2-95.6
  • glibc-devel-0:2.3.2-95.6
  • glibc-headers-0:2.3.2-95.6
  • glibc-profile-0:2.3.2-95.6
  • glibc-utils-0:2.3.2-95.6
  • nptl-devel-0:2.3.2-95.6
  • nscd-0:2.3.2-95.6