ID C480EB5E-7F00-11D8-868E-000347DD607F Type freebsd Reporter FreeBSD Modified 2004-03-29T00:00:00
Description
A security hole exists that can be used to crash the proxy and
execute arbitrary code. An exploit is circulating that takes
advantage of this, and in some cases succeeds in obtaining a login
shell on the machine.
{"published": "2003-07-01T00:00:00", "type": "freebsd", "references": ["http://ezbounce.dc-team.com/"], "modified": "2004-03-29T00:00:00", "description": "\nA security hole exists that can be used to crash the proxy and\n\t execute arbitrary code. An exploit is circulating that takes\n\t advantage of this, and in some cases succeeds in obtaining a login\n\t shell on the machine.\n", "enchantments": {"vulnersScore": 7.5}, "id": "C480EB5E-7F00-11D8-868E-000347DD607F", "hash": "7d086cd6438eaef6ebbc0874315a8908b16dfd774ea93e6af5fa87e6748e3b03", "hashmap": [{"hash": "e0f8526e6dd51c06c65e0c64a108b2e0", "key": "affectedPackage"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "2fa5fcc3d42e4aef4325ecef82bc9d14", "key": "cvelist"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "072611ebebe869f93bd19d42da364c26", "key": "description"}, {"hash": "ad7f875f9fcae37ca1b8e9180113dc74", "key": "href"}, {"hash": "70407da55996c6f492ec9d97700d9d26", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "aff91dfdec721a94bd665b4a0093db8b", "key": "published"}, {"hash": "b1a2befc49f62c4a743c38a5926c2279", "key": "references"}, {"hash": "a3dc630729e463135f4e608954fa6e19", "key": "reporter"}, {"hash": "85fb86cd3702562db1814293737eb62d", "key": "title"}, {"hash": "1527e888767cdce15d200b870b39cfd0", "key": "type"}, {"hash": "cfcd208495d565ef66e7dff9f98764da", "key": "viewCount"}], "edition": 1, "affectedPackage": [{"OSVersion": "any", "packageFilename": "UNKNOWN", "packageVersion": "1.04.a_1", "arch": "noarch", "OS": "FreeBSD", "operator": "lt", "packageName": "ezbounce"}], "bulletinFamily": "unix", "reporter": "FreeBSD", "title": "ezbounce remote format string vulnerability", "viewCount": 0, "lastseen": "2016-09-26T17:25:23", "cvelist": ["CVE-2003-0510"], "objectVersion": "1.2", "history": [], "href": "https://vuxml.freebsd.org/freebsd/c480eb5e-7f00-11d8-868e-000347dd607f.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}
{"result": {"cve": [{"id": "CVE-2003-0510", "type": "cve", "title": "CVE-2003-0510", "description": "Format string vulnerability in ezbounce 1.0 through 1.50 allows remote attackers to execute arbitrary code via the \"sessions\" command.", "published": "2003-08-07T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0510", "cvelist": ["CVE-2003-0510"], "lastseen": "2017-04-18T15:50:00"}], "exploitdb": [{"id": "EDB-ID:22848", "type": "exploitdb", "title": "ezbounce 1.0/1.5 Format String Vulnerability", "description": "ezbounce 1.0/1.5 Format String Vulnerability. CVE-2003-0510. Remote exploit for linux platform", "published": "2003-07-01T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/22848/", "cvelist": ["CVE-2003-0510"], "lastseen": "2016-02-02T19:40:59"}], "nessus": [{"id": "FREEBSD_PKG_C480EB5E7F0011D8868E000347DD607F.NASL", "type": "nessus", "title": "FreeBSD : ezbounce remote format string vulnerability (c480eb5e-7f00-11d8-868e-000347dd607f)", "description": "A security hole exists that can be used to crash the proxy and execute arbitrary code. An exploit is circulating that takes advantage of this, and in some cases succeeds in obtaining a login shell on the machine.", "published": "2009-04-23T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=37811", "cvelist": ["CVE-2003-0510"], "lastseen": "2017-10-29T13:40:53"}, {"id": "FREEBSD_EZBOUNCE_104_A_1.NASL", "type": "nessus", "title": "FreeBSD : ezbounce remote format string vulnerability (45)", "description": "The following package needs to be updated: ezbounce", "published": "2004-07-06T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=12539", "cvelist": ["CVE-2003-0510"], "lastseen": "2016-09-26T17:24:39"}], "osvdb": [{"id": "OSVDB:2230", "type": "osvdb", "title": "ezbounce sessions Command Format String", "description": "# No description provided by the source\n\n## References:\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-07/0002.html\nISS X-Force ID: 12486\n[CVE-2003-0510](https://vulners.com/cve/CVE-2003-0510)\nBugtraq ID: 8071\n", "published": "2003-06-30T21:59:14", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:2230", "cvelist": ["CVE-2003-0510"], "lastseen": "2017-04-28T13:19:57"}], "openvas": [{"id": "OPENVAS:52491", "type": "openvas", "title": "FreeBSD Ports: ezbounce", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "published": "2008-09-04T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=52491", "cvelist": ["CVE-2003-0510"], "lastseen": "2017-07-02T21:10:19"}]}}
