Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2003-0187 | First vendor Publication | 2003-08-27 |
| Vendor | Cve | Last vendor Modification | 2017-10-11 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The connection tracking core of Netfilter for Linux 2.4.20, with CONFIG_IP_NF_CONNTRACK enabled or the ip_conntrack module loaded, allows remote attackers to cause a denial of service (resource consumption) due to an inconsistency with Linux 2.4.20's support of linked lists, which causes Netfilter to fail to identify connections with an UNCONFIRMED status and use large timeouts. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0187 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:260 | |||
| Oval ID: | oval:org.mitre.oval:def:260 | ||
| Title: | Netfilter Denial of Service | ||
| Description: | The connection tracking core of Netfilter for Linux 2.4.20, with CONFIG_IP_NF_CONNTRACK enabled or the ip_conntrack module loaded, allows remote attackers to cause a denial of service (resource consumption) due to an inconsistency with Linux 2.4.20's support of linked lists, which causes Netfilter to fail to identify connections with an UNCONFIRMED status and use large timeouts. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2003-0187 | Version: | 2 |
| Platform(s): | Red Hat Linux 9 | Product(s): | Netfilter |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Os | 1 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 6061 | Linux IPTables / Netfilter Connection Tracking Linked List DoS The netfilter (iptables) module of the Linux kernel contains a flaw that may allow a remote denial of service. The issue is triggered only when the connection tracking module ip_conntrack is loaded. When a large number of packets are sent to a machine so configured, one-way traffic packets are marked incorrectly as UNCONFIRMED statein the linked list, and assigned a very high timeout. This eventually consumes large amounts of system memory, and will result in loss of availability for the platform. |
Sources (Detail)
| Source | Url |
|---|---|
| BUGTRAQ | http://marc.info/?l=bugtraq&m=105986028426824&w=2 |
| OVAL | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova... |
Alert History
| Date | Informations |
|---|---|
| 2021-05-04 12:02:01 |
|
| 2021-04-22 01:02:08 |
|
| 2020-05-23 00:15:22 |
|
| 2017-10-11 09:23:16 |
|
| 2016-10-18 12:01:09 |
|
| 2016-04-26 12:31:02 |
|
| 2013-05-11 11:50:49 |
|
