Lucene search

[email protected]CVE-2003-0372

HistoryJun 16, 2003 - 4:00 a.m.

CVE-2003-0372

2003-06-1604:00:00

CWE-189

[email protected]

web.nvd.nist.gov

cve

2003-0372

vulnerability

libnasl

nessus

denial of service

core dump

arbitrary code

nvd

integer vulnerability

local users

plugin upload privileges

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.1%

JSON

Signed integer vulnerability in libnasl in Nessus before 2.0.6 allows local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code by causing a negative argument to be provided to the insstr function as used in a NASL script.

Affected configurations

NVD

Node

nessusnessusRange≤2.0.5

CPENameOperatorVersion
nessus:nessusnessusle2.0.5

CPE	Name	Operator	Version
nessus:nessus	nessus	le	2.0.5

References

marc.info/?l=bugtraq&m=105364059803427&w=2

marc.info/?l=bugtraq&m=105369506714849&w=2

www.securityfocus.com/bid/7664

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.1%

JSON

Related for CVE-2003-0372

cvelist2 nvd2 cve1