{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2003-01-06T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20030117 Re: More information regarding Etherleak", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/307564/30/26270/threaded"}, {"name": "1031583", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1031583"}, {"name": "9962", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/9962"}, {"name": "RHSA-2003:088", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2003-088.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"}, {"name": "20030110 More information regarding Etherleak", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=104222046632243&w=2"}, {"name": "VU#412115", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/412115"}, {"name": "20030106 Etherleak: Ethernet frame padding information leakage (A010603-1)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/305335/30/26420/threaded"}, {"name": "oval:org.mitre.oval:def:2665", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2665"}, {"name": "20030110 More information regarding Etherleak", "tags": ["mailing-list", "x_refsource_VULNWATCH"], "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html"}, {"name": "RHSA-2003:025", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2003-025.html"}, {"name": "7996", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/7996"}, {"name": "A010603-1", "tags": ["vendor-advisory", "x_refsource_ATSTAKE"], "url": "http://www.atstake.com/research/advisories/2003/a010603-1.txt"}, {"name": "1040185", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1040185"}, {"tags": ["x_refsource_MISC"], "url": "http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0001", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20030117 Re: More information regarding Etherleak", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/307564/30/26270/threaded"}, {"name": "1031583", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031583"}, {"name": "9962", "refsource": "OSVDB", "url": "http://www.osvdb.org/9962"}, {"name": "RHSA-2003:088", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-088.html"}, {"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"}, {"name": "20030110 More information regarding Etherleak", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=104222046632243&w=2"}, {"name": "VU#412115", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/412115"}, {"name": "20030106 Etherleak: Ethernet frame padding information leakage (A010603-1)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/305335/30/26420/threaded"}, {"name": "oval:org.mitre.oval:def:2665", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2665"}, {"name": "20030110 More information regarding Etherleak", "refsource": "VULNWATCH", "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html"}, {"name": "RHSA-2003:025", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-025.html"}, {"name": "7996", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/7996"}, {"name": "A010603-1", "refsource": "ATSTAKE", "url": "http://www.atstake.com/research/advisories/2003/a010603-1.txt"}, {"name": "1040185", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040185"}, {"name": "http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf", "refsource": "MISC", "url": "http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0001", "datePublished": "2003-01-08T05:00:00", "dateReserved": "2003-01-02T00:00:00", "dateUpdated": "2018-10-19T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*", "matchCriteriaId": "44308D13-D935-4FF8-AB52-F0E115ED1AD2", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*", "matchCriteriaId": "9C001822-FDF8-497C-AC2C-B59A00E9ACD2", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B86C77AB-B8FF-4376-9B4E-C88417396F3D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*", "matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*", "matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*", "matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*", "matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*", "matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*", "matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*", "matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*", "matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:*:*:*:*:*:*:*", "matchCriteriaId": "9D34EFE5-22B7-4E8D-B5B2-2423C37CFFA7", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "8208AFC9-0EFC-4A90-AD5A-FD94F5542885", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D4168AE-D19E-482E-8F2B-3E798B2D84E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA", "vulnerable": true}, {"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674", "vulnerable": true}, {"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47", "vulnerable": true}, {"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418", "vulnerable": true}, {"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*", "matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak."}, {"lang": "es", "value": "M\u00faltiples controladores de dispositivo (device drivers) de Tarjetas de Interfaz de Red (Network Interface Card - NIC) Ethernet no rellenan las tramas con bytes nulos, lo que permite a atacantes remotos obtener informaci\u00f3n de paquetes anteriores o memoria del kernel usando paquetes malformados, como ha sido demostrado por Etherleak."}], "id": "CVE-2003-0001", "lastModified": "2019-04-30T14:27:13.710", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2003-01-17T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=104222046632243&w=2"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/7996"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.atstake.com/research/advisories/2003/a010603-1.txt"}, {"source": "cve@mitre.org", "url": "http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/412115"}, {"source": "cve@mitre.org", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/9962"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-025.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-088.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/305335/30/26420/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/307564/30/26270/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1031583"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1040185"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2665"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}