Lucene search

[email protected]CVE-2003-0372

HistoryJun 16, 2003 - 4:00 a.m.

CVE-2003-0372

2003-06-1604:00:00

CWE-189

[email protected]

web.nvd.nist.gov

cve

2003-0372

vulnerability

libnasl

nessus

denial of service

core dump

arbitrary code

nvd

integer vulnerability

local users

plugin upload privileges

7.7 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

9.3%

JSON

Signed integer vulnerability in libnasl in Nessus before 2.0.6 allows local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code by causing a negative argument to be provided to the insstr function as used in a NASL script.

CPENameOperatorVersion
nessus:nessusnessusle2.0.5

CPE	Name	Operator	Version
nessus:nessus	nessus	le	2.0.5

References

marc.info/?l=bugtraq&m=105364059803427&w=2

marc.info/?l=bugtraq&m=105369506714849&w=2

www.securityfocus.com/bid/7664

7.7 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

9.3%

JSON

Related for CVE-2003-0372

cve1