Lucene search

K

[email protected]CVE-2003-0028

HistoryMar 25, 2003 - 5:00 a.m.

CVE-2003-0028

2003-03-2505:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

40

cve

2003

0028

integer overflow

xdr

libraries

remote code execution

sunrpc

nvd

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.968 High

EPSS

Percentile

99.7%

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.

CPENameOperatorVersion
gnu:glibcgnu glibceq2.2.2
sgi:irixsgi irixeq6.5.9f
sgi:irixsgi irixeq6.5.16m
sgi:irixsgi irixeq6.5.6
openafs:openafsopenafseq1.1.1a
gnu:glibcgnu glibceq2.1.2
sgi:irixsgi irixeq6.5.4m
sgi:irixsgi irixeq6.5.17f
sgi:irixsgi irixeq6.5.3f
gnu:glibcgnu glibceq2.2.5

Rows per page:

1-10 of 1521

References

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc

archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html

marc.info/?l=bugtraq&m=104810574423662&w=2

marc.info/?l=bugtraq&m=104811415301340&w=2

marc.info/?l=bugtraq&m=104860855114117&w=2

marc.info/?l=bugtraq&m=104878237121402&w=2

marc.info/?l=bugtraq&m=105362148313082&w=2

www.cert.org/advisories/CA-2003-10.html

www.debian.org/security/2003/dsa-266

www.debian.org/security/2003/dsa-272

www.debian.org/security/2003/dsa-282

www.eeye.com/html/Research/Advisories/AD20030318.html

www.kb.cert.org/vuls/id/516825

www.linuxsecurity.com/advisories/engarde_advisory-3024.html

www.mandriva.com/security/advisories?name=MDKSA-2003:037

www.novell.com/linux/security/advisories/2003_027_glibc.html

www.redhat.com/support/errata/RHSA-2003-051.html

www.redhat.com/support/errata/RHSA-2003-052.html

www.redhat.com/support/errata/RHSA-2003-089.html

www.redhat.com/support/errata/RHSA-2003-091.html

www.securityfocus.com/archive/1/315638/30/25430/threaded

www.securityfocus.com/archive/1/316931/30/25250/threaded

www.securityfocus.com/archive/1/316960/30/25250/threaded

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230

security.netapp.com/advisory/ntap-20150122-0002/

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.968 High

EPSS

Percentile

99.7%

Related for CVE-2003-0028

debiancve2 nessus20 debian15 openvas22 suse2 cert2 securityvulns5 osv8 canvas2 cve1 redhat1