Lucene search

[email protected]CVE-2003-0041

HistoryFeb 19, 2003 - 5:00 a.m.

CVE-2003-0041

2003-02-1905:00:00

CWE-78

[email protected]

web.nvd.nist.gov

cve-2003-0041

kerberos

ftp client

remote execution

arbitrary code

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.6%

JSON

Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client.

Affected configurations

NVD

Node

mitkerberos_ftp_client

Node

redhatlinuxMatch6.2

redhatlinuxMatch7.0

redhatlinuxMatch7.1

redhatlinuxMatch7.2

redhatlinuxMatch7.3

redhatlinuxMatch8.0

Node

mandrakesoftmandrake_multi_network_firewallMatch8.2

mandrakesoftmandrake_linuxMatch8.1

mandrakesoftmandrake_linuxMatch8.2

mandrakesoftmandrake_linuxMatch9.0

CPENameOperatorVersion
mit:kerberos_ftp_clientmit kerberos ftp clienteq*

CPE	Name	Operator	Version
mit:kerberos_ftp_client	mit kerberos ftp client	eq	*

References

archives.neohapsis.com/archives/vulnwatch/2003-q1/0047.html

secunia.com/advisories/7979

secunia.com/advisories/8114

www.mandriva.com/security/advisories?name=MDKSA-2003:021

www.redhat.com/support/errata/RHSA-2003-020.html

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.6%

JSON

Related for CVE-2003-0041

nessus2 debiancve1 nvd1 redhat1 securityvulns1 cvelist1