Vulnerability Description
The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow local users to bind to UDP ports that are used by privileged services such as nfsd.
CVSS Score
4.6
MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Linux | 7.1 |
References
- http://www.redhat.com/support/errata/RHSA-2003-238.htmlPatchVendor Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://www.redhat.com/support/errata/RHSA-2003-238.htmlPatchVendor Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2003-0464?
CVE-2003-0464 is a vulnerability with a CVSS score of 4.6 (MEDIUM). The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow local users to bind to UDP ports that are used by privileged services such as nfsd.
How severe is CVE-2003-0464?
CVE-2003-0464 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0464?
Check the references section above for vendor advisories and patch information. Affected products include: Redhat Linux.