Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2003-0019 — Redhat Linux vulnerability

6 documents6 sources

Severity

7.2HIGHNVD

EPSS

0.7%

top 28.73%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Redhat Linux

Timeline

PublishedFeb 19

Latest updateApr 29

Description

uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDredhat/linux8.0

Patches

Patch: www.iss.net ↗Patch: www.redhat.com ↗Patch: www.iss.net ↗

🔴Vulnerability Details

GHSA

GHSA-j663-gv7p-7947: uml_net in the kernel-utils package for Red Hat Linux 8↗2022-04-29

▶

CVEList

CVE-2003-0019: uml_net in the kernel-utils package for Red Hat Linux 8↗2004-09-01

▶

💥Exploits & PoCs

Exploit-DB

UML_NET - Integer Mismanagement Code Execution↗2003-05-23

▶

📋Vendor Advisories

Red Hat

security flaw↗2003-02-07

▶

💬Community

Bugzilla

CVE-2003-0019 security flaw↗2018-08-16

▶