Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2003-0028
HistoryMar 25, 2003 - 5:00 a.m.

CVE-2003-0028

2003-03-2505:00:00
[email protected]
web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

AI Score

Confidence

High

0.968 High

EPSS

Percentile

99.7%

JSON

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.

Affected configurations

NVD
Node
gnuglibcMatch2.1
OR
gnuglibcMatch2.1.1
OR
gnuglibcMatch2.1.2
OR
gnuglibcMatch2.1.3
OR
gnuglibcMatch2.2
OR
gnuglibcMatch2.2.1
OR
gnuglibcMatch2.2.2
OR
gnuglibcMatch2.2.3
OR
gnuglibcMatch2.2.4
OR
gnuglibcMatch2.2.5
OR
gnuglibcMatch2.3
OR
gnuglibcMatch2.3.1
OR
gnuglibcMatch2.3.2
OR
mitkerberos_5Match1.2
OR
mitkerberos_5Match1.2.1
OR
mitkerberos_5Match1.2.2
OR
mitkerberos_5Match1.2.3
OR
mitkerberos_5Match1.2.4
OR
mitkerberos_5Match1.2.5
OR
mitkerberos_5Match1.2.6
OR
mitkerberos_5Match1.2.7
OR
openafsopenafsMatch1.0
OR
openafsopenafsMatch1.0.1
OR
openafsopenafsMatch1.0.2
OR
openafsopenafsMatch1.0.3
OR
openafsopenafsMatch1.0.4
OR
openafsopenafsMatch1.0.4a
OR
openafsopenafsMatch1.1
OR
openafsopenafsMatch1.1.1
OR
openafsopenafsMatch1.1.1a
OR
openafsopenafsMatch1.2
OR
openafsopenafsMatch1.2.1
OR
openafsopenafsMatch1.2.2
OR
openafsopenafsMatch1.2.2a
OR
openafsopenafsMatch1.2.2b
OR
openafsopenafsMatch1.2.3
OR
openafsopenafsMatch1.2.4
OR
openafsopenafsMatch1.2.5
OR
openafsopenafsMatch1.2.6
OR
openafsopenafsMatch1.3
OR
openafsopenafsMatch1.3.1
OR
openafsopenafsMatch1.3.2
OR
sgiirixMatch6.5
OR
sgiirixMatch6.5.1
OR
sgiirixMatch6.5.2
OR
sgiirixMatch6.5.2f
OR
sgiirixMatch6.5.2m
OR
sgiirixMatch6.5.3
OR
sgiirixMatch6.5.3f
OR
sgiirixMatch6.5.3m
OR
sgiirixMatch6.5.4
OR
sgiirixMatch6.5.4f
OR
sgiirixMatch6.5.4m
OR
sgiirixMatch6.5.5
OR
sgiirixMatch6.5.5f
OR
sgiirixMatch6.5.5m
OR
sgiirixMatch6.5.6
OR
sgiirixMatch6.5.6f
OR
sgiirixMatch6.5.6m
OR
sgiirixMatch6.5.7
OR
sgiirixMatch6.5.7f
OR
sgiirixMatch6.5.7m
OR
sgiirixMatch6.5.8
OR
sgiirixMatch6.5.8f
OR
sgiirixMatch6.5.8m
OR
sgiirixMatch6.5.9
OR
sgiirixMatch6.5.9f
OR
sgiirixMatch6.5.9m
OR
sgiirixMatch6.5.10
OR
sgiirixMatch6.5.10f
OR
sgiirixMatch6.5.10m
OR
sgiirixMatch6.5.11
OR
sgiirixMatch6.5.11f
OR
sgiirixMatch6.5.11m
OR
sgiirixMatch6.5.12
OR
sgiirixMatch6.5.12f
OR
sgiirixMatch6.5.12m
OR
sgiirixMatch6.5.13
OR
sgiirixMatch6.5.13f
OR
sgiirixMatch6.5.13m
OR
sgiirixMatch6.5.14
OR
sgiirixMatch6.5.14f
OR
sgiirixMatch6.5.14m
OR
sgiirixMatch6.5.15
OR
sgiirixMatch6.5.15f
OR
sgiirixMatch6.5.15m
OR
sgiirixMatch6.5.16
OR
sgiirixMatch6.5.16f
OR
sgiirixMatch6.5.16m
OR
sgiirixMatch6.5.17
OR
sgiirixMatch6.5.17f
OR
sgiirixMatch6.5.17m
OR
sgiirixMatch6.5.18
OR
sgiirixMatch6.5.18f
OR
sgiirixMatch6.5.18m
OR
sgiirixMatch6.5.19
OR
sgiirixMatch6.5.20
Node
crayunicosMatch6.0
OR
crayunicosMatch6.0e
OR
crayunicosMatch6.1
OR
crayunicosMatch7.0
OR
crayunicosMatch8.0
OR
crayunicosMatch8.3
OR
crayunicosMatch9.0
OR
crayunicosMatch9.0.2.5
OR
crayunicosMatch9.2
OR
crayunicosMatch9.2.4
OR
freebsdfreebsdMatch4.0
OR
freebsdfreebsdMatch4.1
OR
freebsdfreebsdMatch4.1.1
OR
freebsdfreebsdMatch4.1.1release
OR
freebsdfreebsdMatch4.1.1stable
OR
freebsdfreebsdMatch4.2
OR
freebsdfreebsdMatch4.2stable
OR
freebsdfreebsdMatch4.3
OR
freebsdfreebsdMatch4.3release
OR
freebsdfreebsdMatch4.3stable
OR
freebsdfreebsdMatch4.4
OR
freebsdfreebsdMatch4.4stable
OR
freebsdfreebsdMatch4.5
OR
freebsdfreebsdMatch4.5release
OR
freebsdfreebsdMatch4.5stable
OR
freebsdfreebsdMatch4.6
OR
freebsdfreebsdMatch4.6release
OR
freebsdfreebsdMatch4.6stable
OR
freebsdfreebsdMatch4.6.2
OR
freebsdfreebsdMatch4.7
OR
freebsdfreebsdMatch4.7release
OR
freebsdfreebsdMatch4.7stable
OR
freebsdfreebsdMatch5.0
OR
hphp-uxMatch10.20
OR
hphp-uxMatch10.24
OR
hphp-uxMatch11.00
OR
hphp-uxMatch11.04
OR
hphp-uxMatch11.11
OR
hphp-uxMatch11.20
OR
hphp-uxMatch11.22
OR
hphp-ux_series_700Match10.20
OR
hphp-ux_series_800Match10.20
OR
ibmaixMatch4.3.3
OR
ibmaixMatch5.1
OR
ibmaixMatch5.2
OR
openbsdopenbsdMatch2.0
OR
openbsdopenbsdMatch2.1
OR
openbsdopenbsdMatch2.2
OR
openbsdopenbsdMatch2.3
OR
openbsdopenbsdMatch2.4
OR
openbsdopenbsdMatch2.5
OR
openbsdopenbsdMatch2.6
OR
openbsdopenbsdMatch2.7
OR
openbsdopenbsdMatch2.8
OR
openbsdopenbsdMatch2.9
OR
openbsdopenbsdMatch3.0
OR
openbsdopenbsdMatch3.1
OR
openbsdopenbsdMatch3.2
OR
sunsolarisMatch2.5.1x86
OR
sunsolarisMatch2.6
OR
sunsolarisMatch7.0x86
OR
sunsolarisMatch8.0x86
OR
sunsolarisMatch9.0sparc
OR
sunsolarisMatch9.0x86
OR
sunsunosMatch-
OR
sunsunosMatch5.5.1
OR
sunsunosMatch5.7
OR
sunsunosMatch5.8

References

Related

cve 2
cvelist 2
debiancve 2
nessus 20
debian 15
openvas 22
cert 2
suse 2
osv 8
nvd 1
securityvulns 5
canvas 2
redhat 1
cve
cve
CVE-2003-0028
2003-03-25 05:00:00
CVE-2002-0391
2003-04-02 05:00:00
cvelist
cvelist
CVE-2003-0028
2003-03-21 05:00:00
CVE-2002-0391
2003-04-02 05:00:00
debiancve
debiancve
CVE-2003-0028
2003-03-25 05:00:00
CVE-2002-0391
2003-04-02 05:00:00
nessus
nessus
SUSE-SA:2003:027: glibc
2004-07-25 00:00:00
Mandrake Linux Security Advisory : glibc (MDKSA-2003:037)
2004-07-31 00:00:00
Debian DSA-272-1 : dietlibc - integer overflow
2004-09-29 00:00:00
debian
debian
[SECURITY] [DSA 282-1] New glibc packages fix arbitrary code execution
2003-04-09 11:20:05
[SECURITY] [DSA 272-1] New dietlibc packages fix arbitrary code execution
2003-03-28 06:41:48
[SECURITY] [DSA 272-1] New dietlibc packages fix arbitrary code execution
2003-03-28 06:41:48
openvas
openvas
Debian: Security Advisory (DSA-272)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-282)
2008-01-17 00:00:00
Debian Security Advisory DSA 282-1 (glibc)
2008-01-17 00:00:00
cert
cert
Integer overflow in Sun RPC XDR library routines
2003-03-19 00:00:00
Integer overflow in xdr_array() function when deserializing the XDR stream
2002-08-01 00:00:00
suse
suse
remote system compromise in glibc
2003-05-27 15:57:34
local/remote privilege escalation in glibc
2002-08-30 17:06:11
osv
osv
dietlibc - integer overflow
2002-08-08 00:00:00
glibc - integer overflow
2003-04-09 00:00:00
krb5 - integer overflow
2002-08-05 00:00:00
nvd
nvd
CVE-2002-0391
2002-08-12 04:00:00
securityvulns
securityvulns
[RHSA-2003:089-00] Updated glibc packages fix vulnerabilities in RPC XDR decoder
2003-03-20 00:00:00
CERT Advisory CA-2003-10 Integer overflow in Sun RPC XDR library routines
2003-03-20 00:00:00
MITKRB5-SA-2003-003: faulty length checks in xdrmem_getbytes
2003-03-20 00:00:00
canvas
canvas
Immunity Canvas: TTDB_XDRARRAY
2002-08-12 04:00:00
Immunity Canvas: CMSD_XDRARRAY
2002-08-12 00:00:00
redhat
redhat
(RHSA-2003:052) krb5 security update
2003-03-27 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

AI Score

Confidence

High

0.968 High

EPSS

Percentile

99.7%

JSON
Related for NVD:CVE-2003-0028
cve2cvelist2debiancve2nessus20debian15openvas22cert2suse2osv8nvd1securityvulns5canvas2redhat1