CVE-2003-0001

MITRE NVD CVE.ORG Print: PDF PDF

Summary

CVECVE-2003-0001
StatePUBLIC
Assigner[email protected]
Source PriorityCVE Program / NVD first with legacy fallback
Published2003-01-17 05:00:00 UTC
Updated2019-04-30 14:27:00 UTC
DescriptionMultiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.

Risk And Classification

Problem Types: CWE-200

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Operating System Freebsd Freebsd 4.2 All All All
Operating System Freebsd Freebsd 4.3 All All All
Operating System Freebsd Freebsd 4.4 All All All
Operating System Freebsd Freebsd 4.5 All All All
Operating System Freebsd Freebsd 4.6 All All All
Operating System Freebsd Freebsd 4.7 All All All
Operating System Freebsd Freebsd 4.2 All All All
Operating System Freebsd Freebsd 4.3 All All All
Operating System Freebsd Freebsd 4.4 All All All
Operating System Freebsd Freebsd 4.5 All All All
Operating System Freebsd Freebsd 4.6 All All All
Operating System Freebsd Freebsd 4.7 All All All
Operating System Linux Linux Kernel 2.4.1 All All All
Operating System Linux Linux Kernel 2.4.10 All All All
Operating System Linux Linux Kernel 2.4.11 All All All
Operating System Linux Linux Kernel 2.4.12 All All All
Operating System Linux Linux Kernel 2.4.13 All All All
Operating System Linux Linux Kernel 2.4.14 All All All
Operating System Linux Linux Kernel 2.4.15 All All All
Operating System Linux Linux Kernel 2.4.16 All All All
Operating System Linux Linux Kernel 2.4.17 All All All
Operating System Linux Linux Kernel 2.4.18 All All All
Operating System Linux Linux Kernel 2.4.19 All All All
Operating System Linux Linux Kernel 2.4.2 All All All
Operating System Linux Linux Kernel 2.4.20 All All All
Operating System Linux Linux Kernel 2.4.3 All All All
Operating System Linux Linux Kernel 2.4.4 All All All
Operating System Linux Linux Kernel 2.4.5 All All All
Operating System Linux Linux Kernel 2.4.6 All All All
Operating System Linux Linux Kernel 2.4.7 All All All
Operating System Linux Linux Kernel 2.4.8 All All All
Operating System Linux Linux Kernel 2.4.9 All All All
Operating System Linux Linux Kernel 2.4.1 All All All
Operating System Linux Linux Kernel 2.4.10 All All All
Operating System Linux Linux Kernel 2.4.11 All All All
Operating System Linux Linux Kernel 2.4.12 All All All
Operating System Linux Linux Kernel 2.4.13 All All All
Operating System Linux Linux Kernel 2.4.14 All All All
Operating System Linux Linux Kernel 2.4.15 All All All
Operating System Linux Linux Kernel 2.4.16 All All All
Operating System Linux Linux Kernel 2.4.17 All All All
Operating System Linux Linux Kernel 2.4.18 All All All
Operating System Linux Linux Kernel 2.4.19 All All All
Operating System Linux Linux Kernel 2.4.2 All All All
Operating System Linux Linux Kernel 2.4.20 All All All
Operating System Linux Linux Kernel 2.4.3 All All All
Operating System Linux Linux Kernel 2.4.4 All All All
Operating System Linux Linux Kernel 2.4.5 All All All
Operating System Linux Linux Kernel 2.4.6 All All All
Operating System Linux Linux Kernel 2.4.7 All All All
Operating System Linux Linux Kernel 2.4.8 All All All
Operating System Linux Linux Kernel 2.4.9 All All All
Operating System Microsoft Windows 2000 All All All All
Operating System Microsoft Windows 2000 All sp1 All All
Operating System Microsoft Windows 2000 All sp2 All All
Operating System Microsoft Windows 2000 All All All All
Operating System Microsoft Windows 2000 All sp1 All All
Operating System Microsoft Windows 2000 All sp2 All All
Operating System Microsoft Windows 2000 Terminal Services All All All All
Operating System Microsoft Windows 2000 Terminal Services All sp1 All All
Operating System Microsoft Windows 2000 Terminal Services All sp2 All All
Operating System Microsoft Windows 2000 Terminal Services All All All All
Operating System Microsoft Windows 2000 Terminal Services All sp1 All All
Operating System Microsoft Windows 2000 Terminal Services All sp2 All All
Operating System Netbsd Netbsd 1.5 All All All
Operating System Netbsd Netbsd 1.5.1 All All All
Operating System Netbsd Netbsd 1.5.2 All All All
Operating System Netbsd Netbsd 1.5.3 All All All
Operating System Netbsd Netbsd 1.6 All All All
Operating System Netbsd Netbsd 1.5 All All All
Operating System Netbsd Netbsd 1.5.1 All All All
Operating System Netbsd Netbsd 1.5.2 All All All
Operating System Netbsd Netbsd 1.5.3 All All All
Operating System Netbsd Netbsd 1.6 All All All

References

ReferenceSourceLinkTags
www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf MISC www.atstake.com
A010603-1 ATSTAKE www.atstake.com Vendor Advisory
Neohapsis Archives - VulnWatch - [VulnWatch] More information regarding Etherleak - From ofir_at_sys-security.com VULNWATCH archives.neohapsis.com
Juniper ScreenOS Etherleak Flaw Lets Remote Users Obtain Potentially Sensitive Information from Unpadded Ethernet Packets - SecurityTracker SECTRACK www.securitytracker.com
SecurityFocus BUGTRAQ www.securityfocus.com
redhat.com | Red Hat Support REDHAT www.redhat.com
CERT/CC Vulnerability Note VU#412115 CERT-VN www.kb.cert.org Third Party Advisory, US Government Resource
redhat.com | Red Hat Support REDHAT www.redhat.com
Oracle Critical Patch Update - January 2015 CONFIRM www.oracle.com
Secunia - Advisories - Red Hat Linux Kernel Updates SECUNIA secunia.com
'More information regarding Etherleak' - MARC BUGTRAQ marc.info
9962 OSVDB www.osvdb.org
Oracle Solaris Multiple Flaws Let Remote and Local Users Partially Access Data, Modify Data, and Deny Service and Remote Authenticated or Local Users Gain Elevated Privileges - SecurityTracker SECTRACK www.securitytracker.com
Repository / Oval Repository OVAL oval.cisecurity.org
SecurityFocus BUGTRAQ www.securityfocus.com
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report