CVE-2003-0476 Information

Description

The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process which allows local users to gain read access to restricted file descriptors.

Reference

http://marc.info/?l=bugtraq&m=105664924024009&w=2 http://www.debian.org/security/2004/dsa-358 http://www.debian.org/security/2004/dsa-423 http://www.mandriva.com/security/advisories?name=MDKSA-2003:074 http://www.redhat.com/support/errata/RHSA-2003-238.html http://www.redhat.com/support/errata/RHSA-2003-368.html http://www.redhat.com/support/errata/RHSA-2003-408.html https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A327