CVE-2003-0550

5 documents5 sources
Severity
5.0MEDIUM
EPSS
0.7%
top 27.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Redhat Linux
Timeline
PublishedAug 27
Latest updateApr 29

Description

The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDredhat/linux2.4.2

Patches

Patch: www.debian.orgPatch: www.redhat.comPatch: www.debian.org

🔴Vulnerability Details

2
GHSA
GHSA-f29g-8qvj-p3hm: The STP protocol, as enabled in Linux 22022-04-29
CVEList
CVE-2003-0550: The STP protocol, as enabled in Linux 22003-07-25

📋Vendor Advisories

1
Red Hat
security flaw2003-06-30

💬Community

1
Bugzilla
CVE-2003-0550 security flaw2018-08-16
CVE-2003-0550 (MEDIUM CVSS 5) | The STP protocol | cvebase.io