Lucene search

[email protected]CVE-2003-0625

HistoryAug 27, 2003 - 4:00 a.m.

CVE-2003-0625

2003-08-2704:00:00

CWE-193

[email protected]

web.nvd.nist.gov

cve-2003-0625

xfstt

memory leak

security issue

remote attack

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

0.013 Low

EPSS

Percentile

85.6%

JSON

Off-by-one error in certain versions of xfstt allows remote attackers to read potentially sensitive memory via a malformed client request in the connection handshake, which leaks the memory in the server’s response.

CPENameOperatorVersion
hadrons:xfstthadrons xfsttlt1.5.1

CPE	Name	Operator	Version
hadrons:xfstt	hadrons xfstt	lt	1.5.1

References

developer.berlios.de/forum/forum.php?forum_id=2819

marc.info/?l=bugtraq&m=105941103709264&w=2

www.debian.org/security/2003/dsa-360

www.securityfocus.com/bid/8255

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

0.013 Low

EPSS

Percentile

85.6%

JSON

Related for CVE-2003-0625

ubuntucve1 debiancve1 securityvulns1 openvas2 osv1 nessus1 debian1