| Name | CVE-2003-0001 |
| Description | Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak. |
| Source | CVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more) |
| References | DSA-311, DSA-312, DSA-332, DSA-336, DSA-423, DSA-442 |
| NVD severity | medium (attack range: remote) |
| Debian/oldstable | not known to be vulnerable. |
| Debian/stable | not known to be vulnerable. |
| Debian/testing | not known to be vulnerable. |
| Debian/unstable | not known to be vulnerable. |
The information above is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| kernel-image-2.2.20-i386 | source | woody | 2.2.20-5woody3 | medium | DSA-336 | |
| kernel-image-2.4.17-ia64 | source | woody | kernel-image-2.4.17-ia64 | medium | DSA-423 | |
| kernel-image-2.4.17-s390 | source | woody | 2.4.17-2.woody.3 | medium | DSA-442 | |
| kernel-image-2.4.18-1-i386 | source | woody | 2.4.18-8 | medium | DSA-311 | |
| kernel-image-2.4.18-i386bf | source | woody | 2.4.18-5woody1. | medium | DSA-311 | |
| kernel-patch-2.4.17-mips | source | woody | 2.4.17-0.020226.2.woody2 | medium | DSA-332 | |
| kernel-patch-2.4.17-s390 | source | woody | 0.0.20020816-0.woody.2 | medium | DSA-442 | |
| kernel-patch-2.4.18-powerpc | source | woody | 2.4.18-1woody1 | medium | DSA-312 | |
| kernel-source-2.2.20 | source | woody | 2.2.20-5woody2 | medium | DSA-336 | |
| kernel-source-2.4.17 | source | woody | 2.4.17-1woody1 | medium | DSA-332 | |
| kernel-source-2.4.18 | source | woody | 2.4.18-9 | medium | DSA-311 | |
| kernel-source-2.4.27 | source | (unstable) | (not affected) |
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.21-pre5)