Lucene search

[email protected]CVE-2003-0466

HistoryAug 27, 2003 - 4:00 a.m.

CVE-2003-0466

2003-08-2704:00:00

CWE-193

[email protected]

web.nvd.nist.gov

cve-2003-0466

buffer overflow

fb_realpath

realpath

wu-ftpd

code execution

security vulnerability

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.795 High

EPSS

Percentile

98.2%

JSON

Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.

CPENameOperatorVersion
wuftpd:wu-ftpdwuftpd wu-ftpdle2.6.2
redhat:wu_ftpdredhat wu ftpdeq2.6.1-16
apple:mac_os_x_serverapple mac os x servereq10.2.6
apple:mac_os_xapple mac os xeq10.2.6
sun:solarissun solariseq9.0
freebsd:freebsdfreebsdle5.0
netbsd:netbsdnetbsdle1.6.1
openbsd:openbsdopenbsdle3.3

CPE	Name	Operator	Version
wuftpd:wu-ftpd	wuftpd wu-ftpd	le	2.6.2
redhat:wu_ftpd	redhat wu ftpd	eq	2.6.1-16
apple:mac_os_x_server	apple mac os x server	eq	10.2.6
apple:mac_os_x	apple mac os x	eq	10.2.6
sun:solaris	sun solaris	eq	9.0
freebsd:freebsd	freebsd	le	5.0
netbsd:netbsd	netbsd	le	1.6.1
openbsd:openbsd	openbsd	le	3.3

References

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-011.txt.asc

archives.neohapsis.com/archives/vulnwatch/2003-q3/0065.html

download.immunix.org/ImmunixOS/7+/Updates/errata/IMNX-2003-7+-019-01

isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt

marc.info/?l=bugtraq&m=105967301604815&w=2

marc.info/?l=bugtraq&m=106001410028809&w=2

marc.info/?l=bugtraq&m=106001702232325&w=2

marc.info/?l=bugtraq&m=106002488209129&w=2

secunia.com/advisories/9423

secunia.com/advisories/9446

secunia.com/advisories/9447

secunia.com/advisories/9535

securitytracker.com/id?1007380

sunsolve.sun.com/search/document.do?assetkey=1-77-1001257.1-1

www.debian.org/security/2003/dsa-357

www.kb.cert.org/vuls/id/743092

www.mandriva.com/security/advisories?name=MDKSA-2003:080

www.novell.com/linux/security/advisories/2003_032_wuftpd.html

www.osvdb.org/6602

www.redhat.com/support/errata/RHSA-2003-245.html

www.redhat.com/support/errata/RHSA-2003-246.html

www.securityfocus.com/archive/1/424852/100/0/threaded

www.securityfocus.com/archive/1/425061/100/0/threaded

www.securityfocus.com/bid/8315

www.turbolinux.com/security/TLSA-2003-46.txt

exchange.xforce.ibmcloud.com/vulnerabilities/12785

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1970

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.795 High

EPSS

Percentile

98.2%

JSON

Related for CVE-2003-0466

nessus8 securityvulns1 debian1 openvas1 osv1 redhat1 suse1 cert1