published date: August 27, 2003

CVE-2003-0467 : Denial of Service Vulnerability

Description

Unknown vulnerability in ip_nat_sack_adjust of Netfilter in Linux kernels 2.4.20, and some 2.5.x, when CONFIG_IP_NF_NAT_FTP or CONFIG_IP_NF_NAT_IRC is enabled, or the ip_nat_ftp or ip_nat_irc modules are loaded, allows remote attackers to cause a denial of service (crash) in systems using NAT, possibly due to an integer signedness error.

Product(s):

Linux Kernel 2.4.20
Linux Kernel 2.4.21
Linux Kernel 2.4.21 pre1
Linux Kernel 2.4.21 pre4
Linux Kernel 2.4.21 pre7

CVSS:5 [Critical]
EPSS:0.66%
Exploitability:10
In KEV:No

Question to Ask Vendors:

Can you confirm whether your systems are affected by CVE-2003-0467, and if so, what steps are you currently taking to mitigate this vulnerability?
What is your estimated timeline for fully resolving CVE-2003-0467 in your products or services, and how will you communicate updates on this issue to us as your customer?

Recommended Actions:

Check out the advisory links provided below.

References:

https://nvd.nist.gov/vuln/detail/CVE-2003-0467

READY TO GET RESULTS YOU CAN TRUST?

Get a Demo Contact Sales