CVE-2003-0127: CVE-2003-0127

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2003-0127

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Linux Kernel kmod/ptrace竞争条件权限提升漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Linux是极为流行的开放源代码的操作系统内核。 Linux kernel/kmod.c程序以不安全的方式建立内核线程，本地攻击者利用这个漏洞通过竞争条件攻击方法获得root用户权限。当进程请求的功能在模块中的情况下，内核就会派生一子进程，并把子进程的euid和egid设置为0并调用execve("/sbin/modprobe")。问题是在euid更改到子进程前可以被ptrace()挂接调试，因此攻击者可以插入任意代码到进程中并以root用户的权限运行。要利用此漏洞，必须需要如下条件： 1、Linux

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2003-0127

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2003-0127

Please Login to view more intelligence information

http://www.debian.org/security/2003/dsa-276vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2003/dsa-336vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2003/dsa-311vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2003/dsa-312vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2004/dsa-495vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2003/dsa-332vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2004/dsa-423vendor-advisoryx_refsource_DEBIAN
http://www.kb.cert.org/vuls/id/628849third-party-advisoryx_refsource_CERT-VN
http://www.redhat.com/support/errata/RHSA-2003-103.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2003-098.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2003-088.htmlvendor-advisoryx_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2003:039vendor-advisoryx_refsource_MANDRAKE
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-020.0.txtvendor-advisoryx_refsource_CALDERA
http://marc.info/?l=bugtraq&m=105301461726555&w=2vendor-advisoryx_refsource_ENGARDE
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0134.htmlmailing-listx_refsource_VULNWATCH
https://nvd.nist.gov/vuln/detail/CVE-2003-0127

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2003-0127

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2003-0127

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2003-0127

III. Intelligence Information for CVE-2003-0127

IV. Related Vulnerabilities

V. Comments for CVE-2003-0127

Leave a comment