Upstream information

CVE-2003-0501 at MITRE

Description

The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having low severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 2.1
Vector AV:L/AC:L/Au:N/C:P/I:N/A:N
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact None
Availability Impact None
No SUSE Bugzilla entries cross referenced.

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
  • kernel-source >= 2.4.19.SuSE-142
ul1.ppc
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
  • kernel-source >= 2.4.19.SuSE-136
ul1.ppc
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
  • kernel-ppc64 >= 2.4.19-223
ul1.ppc
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
  • kernel-ppc64 >= 2.4.19-231
ul1.ppc
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
  • kernel-iseries64 >= 2.4.19-239
ul1.ppc
SuSE Linux School Server for i386
  • alice-compat >= 0.21-207
  • autoyast2 >= 2.6.44-27
  • mkisofs >= 1.11.a28-84
  • perl-XML-DOM >= 1.39-102
  • perl-XML-Generator >= 0.91-172
  • perl-XML-RegExp >= 0.03-422
  • syslinux >= 1.62-531
  • xntp-doc >= 4.1.1-331
Builds
YOU Patch Nr: 8799
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
  • kernel-iseries64 >= 2.4.19-233
ul1.ppc