48993 – (CVE-2003-0858) VUL-0: CVE-2003-0858: zebra and quagga - DoS by netlink messages sent by other users

Bug 48993 (CVE-2003-0858) - VUL-0: CVE-2003-0858: zebra and quagga - DoS by netlink messages sent by other users

Summary: VUL-0: CVE-2003-0858: zebra and quagga - DoS by netlink messages sent by othe...

Status:	RESOLVED FIXED
Duplicates (1):	47534 (view as bug list)

Alias:	CVE-2003-0858

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	All Linux

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Thomas Biege
QA Contact:	Security Team bot

URL:
Whiteboard:	CVE-2003-0858: CVSS v2 Base Score: 2....
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2004-01-16 20:00 UTC by Petr Ostadal
Modified:	2021-09-29 14:56 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
patchinfo.zebra (410 bytes, text/plain) 2004-01-19 20:56 UTC, Thomas Biege	Details
patchinfo-box.zebra (416 bytes, text/plain) 2004-01-19 20:57 UTC, Thomas Biege	Details
patchinfo-box.quagga (412 bytes, text/plain) 2004-01-19 20:57 UTC, Thomas Biege	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Petr Ostadal 2004-01-16 20:00:44 UTC

CAN-2003-0858 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0858) -
Netlink messages sent by other users (rather than the kernel) would be accepted,
leading to a denial of service.

The information about security bug is on http://www.debian.org/security/2004/dsa-415

Comment 1 Thomas Biege 2004-01-19 20:55:20 UTC

Hi Peter, 
thanks for the info. 
I attached the patchinfo files and will create the "laufzettel".

Comment 2 Thomas Biege 2004-01-19 20:56:46 UTC

Created attachment 15688 [details]
patchinfo.zebra

Comment 3 Thomas Biege 2004-01-19 20:57:18 UTC

Created attachment 15689 [details]
patchinfo-box.zebra

Comment 4 Thomas Biege 2004-01-19 20:57:55 UTC

Created attachment 15690 [details]
patchinfo-box.quagga

Comment 5 Petr Ostadal 2004-01-19 23:14:51 UTC

I fixed and submited it for all distros.

After autobuild rebuild rpms I will submit p&p files.

Comment 6 Petr Ostadal 2004-01-20 18:36:08 UTC

Rpms was rebuilded and I submited p&p files.

Comment 7 Thomas Biege 2004-01-22 18:12:20 UTC

*** Bug 47534 has been marked as a duplicate of this bug. ***

Comment 8 Thomas Biege 2004-01-30 17:06:15 UTC

packages approved

Comment 9 Thomas Biege 2009-10-13 19:43:54 UTC

CVE-2003-0858: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:N/A:P)