ID CVE-2003-0859
Summary The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
References
Vulnerable Configurations
  • GNU glibc 2.3.2
    cpe:2.3:a:gnu:glibc:2.3.2
  • GNU Zebra 0.91a
    cpe:2.3:a:gnu:zebra:0.91a
  • GNU Zebra 0.92a
    cpe:2.3:a:gnu:zebra:0.92a
  • GNU Zebra 0.93a
    cpe:2.3:a:gnu:zebra:0.93a
  • GNU Zebra 0.93b
    cpe:2.3:a:gnu:zebra:0.93b
  • cpe:2.3:a:quagga:quagga_routing_software_suite:0.96.2
    cpe:2.3:a:quagga:quagga_routing_software_suite:0.96.2
  • SGI ProPack 2.2.1
    cpe:2.3:a:sgi:propack:2.2.1
  • SGI ProPack 2.3
    cpe:2.3:a:sgi:propack:2.3
  • cpe:2.3:o:redhat:enterprise_linux:2.1:-:advanced_server
    cpe:2.3:o:redhat:enterprise_linux:2.1:-:advanced_server
  • cpe:2.3:o:redhat:enterprise_linux:2.1:-:advanced_server_ia64
    cpe:2.3:o:redhat:enterprise_linux:2.1:-:advanced_server_ia64
  • cpe:2.3:o:redhat:enterprise_linux:2.1:-:enterprise_server
    cpe:2.3:o:redhat:enterprise_linux:2.1:-:enterprise_server
  • cpe:2.3:o:redhat:enterprise_linux:2.1:-:enterprise_server_ia64
    cpe:2.3:o:redhat:enterprise_linux:2.1:-:enterprise_server_ia64
  • cpe:2.3:o:redhat:enterprise_linux:2.1:-:workstation
    cpe:2.3:o:redhat:enterprise_linux:2.1:-:workstation
  • cpe:2.3:o:redhat:enterprise_linux:2.1:-:workstation_ia64
    cpe:2.3:o:redhat:enterprise_linux:2.1:-:workstation_ia64
  • cpe:2.3:o:redhat:enterprise_linux:3.0:-:advanced_servers
    cpe:2.3:o:redhat:enterprise_linux:3.0:-:advanced_servers
  • cpe:2.3:o:redhat:enterprise_linux:3.0:-:enterprise_server
    cpe:2.3:o:redhat:enterprise_linux:3.0:-:enterprise_server
  • cpe:2.3:o:redhat:linux_advanced_workstation:2.1:-:itanium_processor
    cpe:2.3:o:redhat:linux_advanced_workstation:2.1:-:itanium_processor
  • Intel IA64
    cpe:2.3:h:intel:ia64
CVSS
Base: 4.9 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2003-002.NASL
    description Herbert Xu reported that various applications can accept spoofed messages sent on the kernel netlink interface by other users on the local machine. This could lead to a local denial of service attack. The glibc function getifaddrs uses netlink and could therefore be vulnerable to this issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0859 to this issue. In addition to this this update fixes a couple of bugs. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 13661
    published 2004-07-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13661
    title Fedora Core 1 : glibc-2.3.2-101.1 (2003-002)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2003-334.NASL
    description Updated glibc packages that resolve a vulnerability and address several bugs are now available. The glibc packages contain GNU libc, which provides standard system libraries. Herbert Xu reported that various applications can accept spoofed messages sent on the kernel netlink interface by other users on the local machine. This could lead to a local denial of service attack. The glibc function getifaddrs uses netlink and could therefore be vulnerable to this issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0859 to this issue. In addition to the security issues, a number of other bugs were fixed. Users are advised to upgrade to these erratum packages, which contain a patch that checks that netlink messages actually came from the kernel and patches for the various bug fixes.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 12434
    published 2004-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12434
    title RHEL 3 : glibc (RHSA-2003:334)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2004-148.NASL
    description Herbert Xu discovered that iproute can accept spoofed messages sent via the kernel netlink interface by other users on the local machine. This could lead to a local Denial of Service attack. The updated packages have been patched to prevent this problem.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 15956
    published 2004-12-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15956
    title Mandrake Linux Security Advisory : iproute2 (MDKSA-2004:148)
oval via4
accepted 2013-04-29T04:13:21.088-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
description The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
family unix
id oval:org.mitre.oval:def:11337
status accepted
submitted 2010-07-09T03:56:16-04:00
title The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
version 24
redhat via4
advisories
  • rhsa
    id RHSA-2003:325
  • rhsa
    id RHSA-2003:334
refmap via4
Last major update 21-08-2010 - 00:16
Published 15-12-2003 - 00:00
Last modified 10-10-2017 - 21:29
Back to Top