{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2003-04-05T00:00:00", "descriptions": [{"lang": "en", "value": "The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "7601", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/7601"}, {"name": "RHSA-2003:147", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2003-147.html"}, {"name": "MDKSA-2003:074", "tags": ["vendor-advisory", "x_refsource_MANDRAKE"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:074"}, {"name": "DSA-336", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2003/dsa-336"}, {"name": "oval:org.mitre.oval:def:261", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A261"}, {"name": "data-algorithmic-complexity-dos(15382)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15382"}, {"name": "MDKSA-2003:066", "tags": ["vendor-advisory", "x_refsource_MANDRAKE"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:066"}, {"name": "RHSA-2003:172", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2003-172.html"}, {"name": "ESA-20030515-017", "tags": ["vendor-advisory", "x_refsource_ENGARDE"], "url": "http://marc.info/?l=bugtraq&m=105301461726555&w=2"}, {"name": "DSA-311", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2003/dsa-311"}, {"name": "DSA-332", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2003/dsa-332"}, {"name": "8786", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://www.secunia.com/advisories/8786/"}, {"name": "RHSA-2003:145", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2003-145.html"}, {"tags": ["x_refsource_MISC"], "url": "http://www.enyo.de/fw/security/notes/linux-dst-cache-dos.html"}, {"name": "DSA-312", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2003/dsa-312"}, {"name": "20030517 Algorithmic Complexity Attacks and the Linux Networking Code", "tags": ["mailing-list", "x_refsource_VULNWATCH"], "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0073.html"}, {"name": "DSA-442", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2004/dsa-442"}, {"tags": ["x_refsource_MISC"], "url": "http://marc.info/?l=linux-kernel&m=104956079213417"}, {"name": "20030618 [slackware-security] 2.4.21 kernels available (SSA:2003-168-01)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=105595901923063&w=2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0244", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "7601", "refsource": "BID", "url": "http://www.securityfocus.com/bid/7601"}, {"name": "RHSA-2003:147", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-147.html"}, {"name": "MDKSA-2003:074", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:074"}, {"name": "DSA-336", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-336"}, {"name": "oval:org.mitre.oval:def:261", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A261"}, {"name": "data-algorithmic-complexity-dos(15382)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15382"}, {"name": "MDKSA-2003:066", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:066"}, {"name": "RHSA-2003:172", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-172.html"}, {"name": "ESA-20030515-017", "refsource": "ENGARDE", "url": "http://marc.info/?l=bugtraq&m=105301461726555&w=2"}, {"name": "DSA-311", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-311"}, {"name": "DSA-332", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-332"}, {"name": "8786", "refsource": "SECUNIA", "url": "http://www.secunia.com/advisories/8786/"}, {"name": "RHSA-2003:145", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-145.html"}, {"name": "http://www.enyo.de/fw/security/notes/linux-dst-cache-dos.html", "refsource": "MISC", "url": "http://www.enyo.de/fw/security/notes/linux-dst-cache-dos.html"}, {"name": "DSA-312", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-312"}, {"name": "20030517 Algorithmic Complexity Attacks and the Linux Networking Code", "refsource": "VULNWATCH", "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0073.html"}, {"name": "DSA-442", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-442"}, {"name": "http://marc.info/?l=linux-kernel&m=104956079213417", "refsource": "MISC", "url": "http://marc.info/?l=linux-kernel&m=104956079213417"}, {"name": "20030618 [slackware-security] 2.4.21 kernels available (SSA:2003-168-01)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=105595901923063&w=2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T01:43:36.207Z"}, "title": "CVE Program Container", "references": [{"name": "7601", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/7601"}, {"name": "RHSA-2003:147", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2003-147.html"}, {"name": "MDKSA-2003:074", "tags": ["vendor-advisory", "x_refsource_MANDRAKE", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:074"}, {"name": "DSA-336", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2003/dsa-336"}, {"name": "oval:org.mitre.oval:def:261", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A261"}, {"name": "data-algorithmic-complexity-dos(15382)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15382"}, {"name": "MDKSA-2003:066", "tags": ["vendor-advisory", "x_refsource_MANDRAKE", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:066"}, {"name": "RHSA-2003:172", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2003-172.html"}, {"name": "ESA-20030515-017", "tags": ["vendor-advisory", "x_refsource_ENGARDE", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=105301461726555&w=2"}, {"name": "DSA-311", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2003/dsa-311"}, {"name": "DSA-332", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2003/dsa-332"}, {"name": "8786", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://www.secunia.com/advisories/8786/"}, {"name": "RHSA-2003:145", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2003-145.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.enyo.de/fw/security/notes/linux-dst-cache-dos.html"}, {"name": "DSA-312", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2003/dsa-312"}, {"name": "20030517 Algorithmic Complexity Attacks and the Linux Networking Code", "tags": ["mailing-list", "x_refsource_VULNWATCH", "x_transferred"], "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0073.html"}, {"name": "DSA-442", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2004/dsa-442"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://marc.info/?l=linux-kernel&m=104956079213417"}, {"name": "20030618 [slackware-security] 2.4.21 kernels available (SSA:2003-168-01)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=105595901923063&w=2"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0244", "datePublished": "2003-05-08T04:00:00", "dateReserved": "2003-05-06T00:00:00", "dateUpdated": "2024-08-08T01:43:36.207Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions."}, {"lang": "es", "value": "La implementaci\u00f3n de la cach\u00e9 de ruta en Linux 2.4 y el m\u00f3dulo Netfilter IP conntrack permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (agotamiento de CPU) mediante paquetes con una direcci\u00f3n fuente alterada (lo que causa un elevado n\u00famero de colisiones de tabla hash relacionadas con la cadena PREROUTING)."}], "id": "CVE-2003-0244", "lastModified": "2024-11-20T23:44:17.873", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2003-05-27T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0073.html"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=105301461726555&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=105595901923063&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=linux-kernel&m=104956079213417"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.debian.org/security/2003/dsa-311"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2003/dsa-312"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2003/dsa-332"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2003/dsa-336"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-442"}, {"source": "cve@mitre.org", "url": "http://www.enyo.de/fw/security/notes/linux-dst-cache-dos.html"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:066"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:074"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2003-145.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-147.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-172.html"}, {"source": "cve@mitre.org", "url": "http://www.secunia.com/advisories/8786/"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/7601"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15382"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A261"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0073.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=105301461726555&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=105595901923063&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=linux-kernel&m=104956079213417"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.debian.org/security/2003/dsa-311"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2003/dsa-312"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2003/dsa-332"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2003/dsa-336"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-442"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.enyo.de/fw/security/notes/linux-dst-cache-dos.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:066"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:074"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2003-145.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-147.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-172.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.secunia.com/advisories/8786/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/7601"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15382"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A261"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2003:145", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "product_name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1", "release_date": "2003-05-27T00:00:00Z"}, {"advisory": "RHSA-2003:147", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "product_name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1", "release_date": "2003-05-30T00:00:00Z"}, {"advisory": "RHSA-2003:147", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "product_name": "Red Hat Enterprise Linux ES version 2.1", "release_date": "2003-05-30T00:00:00Z"}, {"advisory": "RHSA-2003:147", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "product_name": "Red Hat Enterprise Linux WS version 2.1", "release_date": "2003-05-30T00:00:00Z"}, {"advisory": "RHSA-2003:190", "cpe": "cpe:/o:redhat:linux:7.1", "product_name": "Red Hat Linux 7.1", "release_date": "2003-06-25T00:00:00Z"}, {"advisory": "RHSA-2003:145", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "product_name": "Red Hat Linux Advanced Workstation 2.1", "release_date": "2003-05-27T00:00:00Z"}], "bugzilla": {"description": "security flaw", "id": "1617005", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617005"}, "csaw": false, "details": ["The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions."], "name": "CVE-2003-0244", "public_date": "2003-04-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2003-0244\nhttps://nvd.nist.gov/vuln/detail/CVE-2003-0244"], "threat_severity": "Important"}