CVE-2003-0858

CWE-3995 documents5 sources

Severity

2.1LOW

EPSS

0.1%

top 78.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

GNU Zebra Quagga Quagga Routing Software Suite

Timeline

PublishedDec 15

Latest updateApr 29

Description

Zebra 0.93b and earlier, and quagga before 0.95, allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.

CVSS vector

AV:L/AC:L/C:N/I:N/A:PExploitability: 3.9 | Impact: 2.9

Affected Packages2 packages

▶NVDgnu/zebra0.91

▶NVDquagga/quagga_routing_software_suite0.95

Patches

Patch: www.debian.org ↗Patch: www.redhat.com ↗Patch: www.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-44r4-q6xp-rh44: Zebra 0↗2022-04-29

▶

CVEList

CVE-2003-0858: Zebra 0↗2003-11-18

▶

📋Vendor Advisories

Red Hat

security flaw↗2003-11-12

▶

💬Community

Bugzilla

CVE-2003-0858 security flaw↗2018-08-16

▶