Lucene search

K
cve[email protected]CVE-2003-0453
HistoryAug 07, 2003 - 4:00 a.m.

CVE-2003-0453

2003-08-0704:00:00
NVD-CWE-Other
web.nvd.nist.gov
26
cve-2003-0453
traceroute-nanog
buffer overflow
nprobes
max_ttl
integer overflow
memory overwrite
nvd

7.7 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

76.9%

traceroute-nanog 6.1.1 allows local users to overwrite unauthorized memory and possibly execute arbitrary code via certain “nprobes” and “max_ttl” arguments that cause an integer overflow that is used when allocating memory, which leads to a buffer overflow.

7.7 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

76.9%

Related for CVE-2003-0453