Lucene search

[email protected]CVE-2003-0034

HistoryFeb 07, 2003 - 5:00 a.m.

CVE-2003-0034

2003-02-0705:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2003-0034

buffer overflow

mtink

status monitor

code execution

mandrake linux

printer-drivers package

7.5 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

Buffer overflow in the mtink status monitor, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long HOME environment variable.

CPENameOperatorVersion
jean-jacques_sarton:mtinkjean-jacques sarton mtinkeq0.9.52
jean-jacques_sarton:mtinkjean-jacques sarton mtinkeq0.9.33
jean-jacques_sarton:mtinkjean-jacques sarton mtinkeq0.9.32

CPE	Name	Operator	Version
jean-jacques_sarton:mtink	jean-jacques sarton mtink	eq	0.9.52
jean-jacques_sarton:mtink	jean-jacques sarton mtink	eq	0.9.33
jean-jacques_sarton:mtink	jean-jacques sarton mtink	eq	0.9.32

References

archives.neohapsis.com/archives/vulnwatch/2003-q1/0029.html

www.idefense.com/advisory/01.21.03.txt

www.mandriva.com/security/advisories?name=MDKSA-2003:010

www.securityfocus.com/bid/6656

www.securitytracker.com/id?1005959

7.5 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2003-0034

cvelist1 debiancve1 nessus1