Vulnerability Description
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gnu | Glibc | 2.3.2 |
| Gnu | Zebra | 0.91a |
| Quagga | Quagga Routing Software Suite | 0.96.2 |
| Sgi | Propack | 2.2.1 |
| Redhat | Enterprise Linux | 2.1 |
| Redhat | Linux Advanced Workstation | 2.1 |
| Intel | Ia64 | All versions |
References
- http://www.redhat.com/support/errata/RHSA-2003-325.htmlPatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2003-334.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://www.redhat.com/support/errata/RHSA-2003-325.htmlPatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2003-334.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2003-0859?
CVE-2003-0859 is a vulnerability with a CVSS score of 4.9 (MEDIUM). The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
How severe is CVE-2003-0859?
CVE-2003-0859 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0859?
Check the references section above for vendor advisories and patch information. Affected products include: Gnu Glibc, Gnu Zebra, Quagga Quagga Routing Software Suite, Sgi Propack, Redhat Enterprise Linux.