Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2003-0028HistoryMar 25, 2003 - 5:00 a.m.
CVE-2003-0028
2003-03-2505:00:00
Debian Security Bug Tracker
security-tracker.debian.org
17
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.968 High
EPSS
Percentile
99.7%
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | dietlibc | < 0.22-2 | dietlibc_0.22-2_all.deb |
| Debian | 11 | all | dietlibc | < 0.22-2 | dietlibc_0.22-2_all.deb |
| Debian | 10 | all | dietlibc | < 0.22-2 | dietlibc_0.22-2_all.deb |
| Debian | 999 | all | dietlibc | < 0.22-2 | dietlibc_0.22-2_all.deb |
| Debian | 13 | all | dietlibc | < 0.22-2 | dietlibc_0.22-2_all.deb |
| Debian | 12 | all | glibc | < 2.3.1-16 | glibc_2.3.1-16_all.deb |
| Debian | 11 | all | glibc | < 2.3.1-16 | glibc_2.3.1-16_all.deb |
| Debian | 10 | all | glibc | < 2.3.1-16 | glibc_2.3.1-16_all.deb |
| Debian | 999 | all | glibc | < 2.3.1-16 | glibc_2.3.1-16_all.deb |
| Debian | 13 | all | glibc | < 2.3.1-16 | glibc_2.3.1-16_all.deb |
Related
cve
cve
CVE-2003-0028
2003-03-25 05:00:00
CVE-2002-0391
2002-08-12 04:00:00
nessus
nessus
Mandrake Linux Security Advisory : glibc (MDKSA-2003:037)
2004-07-31 00:00:00
Debian DSA-272-1 : dietlibc - integer overflow
2004-09-29 00:00:00
SUSE-SA:2003:027: glibc
2004-07-25 00:00:00
debian
debian
[SECURITY] [DSA 272-1] New dietlibc packages fix arbitrary code execution
2003-03-28 00:00:00
[SECURITY] [DSA 272-1] New dietlibc packages fix arbitrary code execution
2003-03-28 06:41:48
[SECURITY] [DSA 282-1] New glibc packages fix arbitrary code execution
2003-04-09 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-282)
2008-01-17 00:00:00
Debian Security Advisory DSA 282-1 (glibc)
2008-01-17 00:00:00
Debian Security Advisory DSA 272-1 (dietlibc)
2008-01-17 00:00:00
suse
suse
remote system compromise in glibc
2003-05-27 15:57:34
local/remote privilege escalation in glibc
2002-08-30 17:06:11
cert
cert
Integer overflow in Sun RPC XDR library routines
2003-03-19 00:00:00
Integer overflow in xdr_array() function when deserializing the XDR stream
2002-08-01 00:00:00
securityvulns
securityvulns
MITKRB5-SA-2003-003: faulty length checks in xdrmem_getbytes
2003-03-20 00:00:00
CERT Advisory CA-2003-10 Integer overflow in Sun RPC XDR library routines
2003-03-20 00:00:00
osv
osv
glibc - integer overflow
2003-04-09 00:00:00
dietlibc - integer overflow
2002-08-08 00:00:00
dietlibc - integer overflow
2003-03-28 00:00:00
canvas
canvas
Immunity Canvas: TTDB_XDRARRAY
2002-08-12 04:00:00
Immunity Canvas: CMSD_XDRARRAY
2002-08-12 00:00:00
debiancve
debiancve
CVE-2002-0391
2002-08-12 04:00:00
redhat
redhat
(RHSA-2003:052) krb5 security update
2003-03-27 00:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.968 High
EPSS
Percentile
99.7%
Related for DEBIANCVE:CVE-2003-0028