CVE-2003-0019

{"id": "CVE-2003-0019", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2003-02-19T05:00:00.000", "references": [{"url": "http://www.ciac.org/ciac/bulletins/n-044.shtml", "source": "cve@mitre.org"}, {"url": "http://www.iss.net/security_center/static/11276.php", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/134025", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2003-056.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/6801", "source": "cve@mitre.org"}, {"url": "http://www.ciac.org/ciac/bulletins/n-044.shtml", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.iss.net/security_center/static/11276.php", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.kb.cert.org/vuls/id/134025", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.redhat.com/support/errata/RHSA-2003-056.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/6801", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode."}, {"lang": "es", "value": "uml_net en el paquete kernel-utils de Red Hat Linux 8.0 tiene privilegios setuid de root incorrectos, lo que permite a usuarios locales modificar interfaces de red, por ejemplo modificando las entradas ARP o poniendo los interfaces en modo prom\u00edscuo."}], "lastModified": "2024-11-20T23:43:45.040", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:linux:8.0:*:i386:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D1E6298-EDF5-438F-8DFD-16A514CB938A"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}