Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0465

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2003-0465
Last Modified 21 Aug 2010 12:16:08
Published 18 Aug 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0465

Summary

The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks.

Vulnerable Systems

Operating System

  • Linux Kernel 2.4.0

  • Linux Kernel 2.5.0


References

REDHAT - RHSA-2004:188

CONFIRM - http://marc.theaimsgroup.com/?l=linux-kernel&m=105796415223490&w=2

CONFIRM - http://marc.theaimsgroup.com/?l=linux-kernel&m=105796021120436&w=2


Last Updated: 27 May 2016 10:37:56