6 matches found
CVE-2003-0776
CVE-2003-0776 affects the saned daemon in sane-backends (earlier than or equal to 1.0.7). The issue arises because saned does not validate RPC numbers before accessing parameters, enabling unintended behavior that can lead to reliability issues (and, per related advisories, remote exploitation sc...
CVE-2003-0778
CVE-2003-0778 affects the sane-backends package (notably saned) and is described as a memory allocation vulnerability that can allow a remote attacker to cause denial of service by exhausting memory. The initial entry notes vulnerable versions up to 1.0.7 and possibly later, with the issue arisin...
CVE-2003-0773
CVE-2003-0773 affects the sane-backends package (SANE) prior to version 1.0.7, where saned does not validate the IP address of the connecting host during the SANE_NET_INIT RPC. This allows remote attackers to access saned services even if saned.conf would restrict them. The issue is part of multi...
CVE-2003-0777
The CVE-2003-0777 issue affects the sane-backends package (notably the saned daemon). When debug messages are enabled and a connection is dropped, strings may not be null-terminated, potentially triggering a segmentation fault (denial of service). Multiple advisories reference this family of prob...
CVE-2003-0774
CVE-2003-0774 affects saned in sane-backends up to 1.0.7. The issue stems from poor handling of connection drops, allowing a remote attacker to trigger memory access after the wire buffer and cause a segmentation fault (DoS). Affected platforms include Debian, Red Hat, SuSE, Mandrake, and related...
CVE-2003-0775
CVE-2003-0775 affects sane-backends (notably the saned daemon) up to version 1.0.7 and earlier. The root cause is that saned mallocs memory based on a size value, which can be sent, or may be left unknown if the connection is dropped before the size is transmitted, enabling remote attackers to tr...