Linux NFS utils package "rpc.mountd" contains off-by-one buffer overflow in xlog() function

🗓️ 17 Sep 2003 00:00:00Reported by CERTType

cert

cert🔗 www.kb.cert.org👁 33 Views

Linux NFS contains buffer overflow allowing remote denial of service or code execution exploits.

Reporter	Title	Published	Views	Family All 29
BDU FSTEC	Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	7 Jul 201600:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	7 Jul 201600:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the OpenSUSE operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities of the Red Hat Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	28 Apr 201500:00	–	bdu_fstec
CVE	CAN-2003-0252	6 Aug 202410:30	–	cve
CVE	CVE-2003-0252	15 Jul 200304:00	–	cve
Circl	CVE-2003-0252	2 Feb 202408:16	–	circl
Cvelist	CVE-2003-0252	15 Jul 200304:00	–	cvelist
Debian	[SECURITY] [DSA-349-1] New nfs-utils package fixes buffer overflow	14 Jul 200318:47	–	debian
Debian CVE	CVE-2003-0252	15 Jul 200304:00	–	debiancve

Source	Link
nfs	www.nfs.sourceforge.net/
sourceforge	www.sourceforge.net/projects/nfs/
secunia	www.secunia.com/advisories/9259/
xforce	www.xforce.iss.net/xforce/xfdb/12600
securitytracker	www.securitytracker.com/alerts/2003/Jul/1007187.html
securityfocus	www.securityfocus.com/bid/8179

17 Sep 2003 19:36Current

9.5High risk

Vulners AI Score9.5

CVSS 3.19.8

CVSS 210

EPSS0.16108

linux nfs buffer overflow remote code execution denial of service patch available.