Skip to main content

Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

© 2026 Mondoo, Inc.

Log in Get Assessment

Vulnerability IntelligenceCVE-2003-0465

CVE-2003-0465

UNKNOWN

The kernel strncpy function in Linux 2

Published Jul 15, 2003

Modified 1 years ago

Details

The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks.

References

http://marc.info/?l=linux-kernel&m=105796021120436&w=2

http://marc.info/?l=linux-kernel&m=105796415223490&w=2

http://www.redhat.com/support/errata/RHSA-2004-188.html

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10285

https://www.cve.org/CVERecord?id=CVE-2003-0465

CVSS Analysis

CVSS v2.0

5.0

Exploitability

Access Vector

NetworkAV:N

Access Complexity

LowAC:L

Authentication

NoneAu:N

Impact

Confidentiality

PartialC:P

Integrity

NoneI:N

Availability

NoneA:N

5/AV:N/AC:L/Au:N/C:P/I:N/A:N

Ecosystems

Timeline

PublishedJul 15, 2003

ModifiedAug 8, 2024

CVE-2003-0465 | Mondoo Vulnerability Intelligence