CVE-2003-0001

CVE Database · CVE-2003-0001

CVE-2003-0001

· N/AModified

CVSS v3.1

N/A

EPSS

71.71%

Published

Jan 17, 2003

Modified

Apr 15, 2026

Public PoC / Exploit (4)

All weaponized →

Exploit-DBLinux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure Exploit-DBCisco ASA < 8.4.4.6 < 8.2.5.32 - Ethernet Information Leak Exploit-DBEthernet Device Drivers Frame Padding - 'Etherleak' Infomation Leakage TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.

Weaknesses (CWE)

CWE-200

Affected Products (37)

freebsd · freebsdvulnerable

linux · linux_kernelvulnerable

References (20)

http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html

http://marc.info/?l=bugtraq&m=104222046632243&w=2

http://secunia.com/advisories/7996

http://www.atstake.com/research/advisories/2003/a010603-1.txt

Vendor Advisory

http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf

http://www.kb.cert.org/vuls/id/412115

Third Party AdvisoryUS Government Resource

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

http://www.osvdb.org/9962

http://www.redhat.com/support/errata/RHSA-2003-025.html

http://www.redhat.com/support/errata/RHSA-2003-088.html

KEV Catalog EPSS Scores Vendors All CVEs