Vulnerability Description
/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.
CVSS Score
2.1
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Linux | 7.1 |
References
- http://rsbac.dyndns.org/pipermail/rsbac/2002-May/000162.html
- http://www.debian.org/security/2004/dsa-358
- http://www.debian.org/security/2004/dsa-423PatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2003-238.htmlPatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2004-188.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://rsbac.dyndns.org/pipermail/rsbac/2002-May/000162.html
- http://www.debian.org/security/2004/dsa-358
- http://www.debian.org/security/2004/dsa-423PatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2003-238.htmlPatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2004-188.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2003-0461?
CVE-2003-0461 is a vulnerability with a CVSS score of 2.1 (LOW). /proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of pass...
How severe is CVE-2003-0461?
CVE-2003-0461 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0461?
Check the references section above for vendor advisories and patch information. Affected products include: Redhat Linux.