CVE-2003-0501 Information

Description

The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program which causes the program to fail to change the ownership and permissions of those entries.

Reference

http://marc.info/?l=bugtraq&m=105621758104242 http://www.debian.org/security/2004/dsa-358 http://www.debian.org/security/2004/dsa-423 http://www.redhat.com/support/errata/RHSA-2003-198.html http://www.redhat.com/support/errata/RHSA-2003-238.html http://www.redhat.com/support/errata/RHSA-2003-239.html https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A328