CVE-2003-0001

Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.

Published: Jan 17, 2003
Updated: Apr 13, 2023
CVE: CVE-2003-0001
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	2.4.15	2.4.15.x
netbsd / netbsd	1.5.3	1.5.3.x
microsoft / windows_2000_terminal_services	-	-
netbsd / netbsd	1.6	1.6.x
linux / linux_kernel	2.4.11	2.4.11.x
netbsd / netbsd	1.5	1.5.x
linux / linux_kernel	2.4.12	2.4.12.x
linux / linux_kernel	2.4.13	2.4.13.x
microsoft / windows_2000	-	-
freebsd / freebsd	4.7	4.7.x
linux / linux_kernel	2.4.16	2.4.16.x
linux / linux_kernel	2.4.5	2.4.5.x
freebsd / freebsd	4.2	4.2.x
linux / linux_kernel	2.4.19	2.4.19.x
linux / linux_kernel	2.4.2	2.4.2.x
linux / linux_kernel	2.4.9	2.4.9.x
netbsd / netbsd	1.5.1	1.5.1.x
linux / linux_kernel	2.4.10	2.4.10.x
linux / linux_kernel	2.4.17	2.4.17.x
linux / linux_kernel	2.4.7	2.4.7.x
linux / linux_kernel	2.4.8	2.4.8.x
freebsd / freebsd	4.4	4.4.x
freebsd / freebsd	4.5	4.5.x
linux / linux_kernel	2.4.14	2.4.14.x
netbsd / netbsd	1.5.2	1.5.2.x
linux / linux_kernel	2.4.1	2.4.1.x
freebsd / freebsd	4.6	4.6.x
linux / linux_kernel	2.4.4	2.4.4.x
linux / linux_kernel	2.4.6	2.4.6.x
freebsd / freebsd	4.3	4.3.x
linux / linux_kernel	2.4.18	2.4.18.x
linux / linux_kernel	2.4.20	2.4.20.x
linux / linux_kernel	2.4.3	2.4.3.x

Vulnerability Database

289,599

CVE-2003-0001