Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0018

Overview

Vulnerability Score 3.6 3.6
CVE Id CVE-2003-0018
Last Modified 10 Sep 2008 08:05:23
Published 19 Feb 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2003-0018

Summary

Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows local attackers with write privileges to read portions of previously deleted files, or cause file system corruption.

Vulnerable Systems

Operating System

  • Linux Kernel 2.4.10

  • Linux Kernel 2.4.11

  • Linux Kernel 2.4.12

  • Linux Kernel 2.4.13

  • Linux Kernel 2.4.14

  • Linux Kernel 2.4.15

  • Linux Kernel 2.4.16

  • Linux Kernel 2.4.17

  • Linux Kernel 2.4.18

  • Linux Kernel 2.4.19


References

REDHAT - RHSA-2003:025

DEBIAN - DSA-423

XF - linux-odirect-information-leak(11249)

BID - 6763

MANDRAKE - MDKSA-2003:014

DEBIAN - DSA-358

CONFIRM - http://linux.bkbits.net:8080/linux-2.4/cset@3e2f193drGJDBg9SG6JwaDQwCBnAMQ


Last Updated: 27 May 2016 10:37:45