7.5 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.055 Low
EPSS
Percentile
93.1%
Stack-based buffer overflow in kkstrtext.h in ktools library 0.3 and earlier, as used in products such as (1) centericq, (2) orpheus, (3) motor, and (4) groan, allows local users or remote attackers to execute arbitrary code via a long parameter to the VGETSTRING macro.
CPE | Name | Operator | Version |
---|---|---|---|
ktools:ktools | ktools | le | 0.3 |
secunia.com/advisories/17768
secunia.com/advisories/18081
secunia.com/advisories/20329
secunia.com/advisories/20368
secunia.com/advisories/20446
secunia.com/advisories/21684
security.gentoo.org/glsa/glsa-200512-11.xml
security.gentoo.org/glsa/glsa-200608-27.xml
www.debian.org/security/2006/dsa-1083
www.debian.org/security/2006/dsa-1088
www.osvdb.org/21161
www.securityfocus.com/archive/1/417906/100/0/threaded
www.securityfocus.com/bid/15600
www.vupen.com/english/advisories/2005/2605
www.vupen.com/english/advisories/2006/2062
www.zone-h.org/en/advisories/read/id=8480/
exchange.xforce.ibmcloud.com/vulnerabilities/23233