7.2

CVE-2003-0127

The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version2.2.0
LinuxLinux Kernel Version2.2.1
LinuxLinux Kernel Version2.2.2
LinuxLinux Kernel Version2.2.3
LinuxLinux Kernel Version2.2.4
LinuxLinux Kernel Version2.2.5
LinuxLinux Kernel Version2.2.6
LinuxLinux Kernel Version2.2.7
LinuxLinux Kernel Version2.2.8
LinuxLinux Kernel Version2.2.9
LinuxLinux Kernel Version2.2.10
LinuxLinux Kernel Version2.2.11
LinuxLinux Kernel Version2.2.12
LinuxLinux Kernel Version2.2.13
LinuxLinux Kernel Version2.2.14
LinuxLinux Kernel Version2.2.15
LinuxLinux Kernel Version2.2.16
LinuxLinux Kernel Version2.2.17
LinuxLinux Kernel Version2.2.18
LinuxLinux Kernel Version2.2.19
LinuxLinux Kernel Version2.2.20
LinuxLinux Kernel Version2.2.21
LinuxLinux Kernel Version2.2.22
LinuxLinux Kernel Version2.2.23
LinuxLinux Kernel Version2.2.24
LinuxLinux Kernel Version2.4.0
LinuxLinux Kernel Version2.4.1
LinuxLinux Kernel Version2.4.2
LinuxLinux Kernel Version2.4.3
LinuxLinux Kernel Version2.4.4
LinuxLinux Kernel Version2.4.5
LinuxLinux Kernel Version2.4.6
LinuxLinux Kernel Version2.4.7
LinuxLinux Kernel Version2.4.8
LinuxLinux Kernel Version2.4.9
LinuxLinux Kernel Version2.4.10
LinuxLinux Kernel Version2.4.11
LinuxLinux Kernel Version2.4.12
LinuxLinux Kernel Version2.4.13
LinuxLinux Kernel Version2.4.14
LinuxLinux Kernel Version2.4.15
LinuxLinux Kernel Version2.4.16
LinuxLinux Kernel Version2.4.17
LinuxLinux Kernel Version2.4.18
LinuxLinux Kernel Version2.4.19
LinuxLinux Kernel Version2.4.20
LinuxLinux Kernel Version2.4.21 Updatepre1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.58% 0.724
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.debian.org/security/2003/dsa-311
http://www.debian.org/security/2003/dsa-312
http://www.debian.org/security/2003/dsa-332
http://www.debian.org/security/2003/dsa-336
http://www.debian.org/security/2004/dsa-423
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-020.0.txt
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0134.html
http://marc.info/?l=bugtraq&m=105301461726555&w=2
http://rhn.redhat.com/errata/RHSA-2003-088.html
http://rhn.redhat.com/errata/RHSA-2003-098.html
Patch
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200303-17.xml
http://www.debian.org/security/2003/dsa-270
http://www.debian.org/security/2003/dsa-276
http://www.debian.org/security/2004/dsa-495
http://www.kb.cert.org/vuls/id/628849
Third Party Advisory
US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2003:038
http://www.mandriva.com/security/advisories?name=MDKSA-2003:039
http://www.redhat.com/support/errata/RHSA-2003-103.html
http://www.redhat.com/support/errata/RHSA-2003-145.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A254