Published: 04 Jul 2003, 04:00
Last modified:08 Aug 2024, 01:58
Vulnerability Summary
Overall Risk (default)
low
18/100 CVSS Score
2.1 LOW
v2.0 (nvd)
EPSS Score
0.37% LOW
0% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
1 found
Dark Web
Not detected
Timeline
04 Jul 2003, 04:00
Published
Vulnerability first disclosed
08 Aug 2024, 01:58
Last Modified
Vulnerability information updated
Description
The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries.
CVSS Metrics
- v2.0•LOW•Score: 2.1AV:L/AC:L/Au:N/C:P/I:N/A:N
EPSS Trends
Current EPSS score: 0.37%• Percentile: 59%
Affected Systems
- linux•linux_kernel
2.6.20.1
References (7)
- http://www.redhat.com/support/errata/RHSA-2003-238.html
- http://www.debian.org/security/2004/dsa-423
- http://www.redhat.com/support/errata/RHSA-2003-198.html
- http://www.redhat.com/support/errata/RHSA-2003-239.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A328
- http://marc.info/?l=bugtraq&m=105621758104242
- http://www.debian.org/security/2004/dsa-358