CVE-2003-0019 : uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users

uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode.

Published 2003-02-19 05:00:00

Updated 2008-09-11 00:05:24

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2003-0019

Probability of exploitation activity in the next 30 days: 0.04%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2003-0019

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2003-0019

http://www.kb.cert.org/vuls/id/134025

US Government Resource
http://www.ciac.org/ciac/bulletins/n-044.shtml
http://www.redhat.com/support/errata/RHSA-2003-056.html

Patch;Vendor Advisory
http://www.iss.net/security_center/static/11276.php

Patch;Vendor Advisory
http://www.securityfocus.com/bid/6801

Products affected by CVE-2003-0019

Redhat » Linux » Version: 8.0 I386 Edition
cpe:2.3:o:redhat:linux:8.0:*:i386:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2003-0019

Exploit prediction scoring system (EPSS) score for CVE-2003-0019

CVSS scores for CVE-2003-0019

References for CVE-2003-0019

Products affected by CVE-2003-0019