Vulnerability Details CVE-2003-0461
/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.7%
CVSS Severity
CVSS v2 Score 2.1
References
- http://rsbac.dyndns.org/pipermail/rsbac/2002-May/000162.html
- http://www.debian.org/security/2004/dsa-358
- http://www.debian.org/security/2004/dsa-423
- http://www.redhat.com/support/errata/RHSA-2003-238.html
- http://www.redhat.com/support/errata/RHSA-2004-188.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A304
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9330
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A997
- http://rsbac.dyndns.org/pipermail/rsbac/2002-May/000162.html
- http://www.debian.org/security/2004/dsa-358
- http://www.debian.org/security/2004/dsa-423
- http://www.redhat.com/support/errata/RHSA-2003-238.html
- http://www.redhat.com/support/errata/RHSA-2004-188.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A304
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9330
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A997
Products affected by CVE-2003-0461
-
cpe:2.3:o:redhat:linux:7.1
-
cpe:2.3:o:redhat:linux:7.2
-
cpe:2.3:o:redhat:linux:7.3
-
cpe:2.3:o:redhat:linux:8.0
-
cpe:2.3:o:redhat:linux:9.0