MitreCVE-2003-0853CVE-2003-0853
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
79.4%
An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| gnu | fileutils | 4.0 | cpe:2.3:a:gnu:fileutils:4.0:*:*:*:*:*:*:* |
| gnu | fileutils | 4.0.36 | cpe:2.3:a:gnu:fileutils:4.0.36:*:*:*:*:*:*:* |
| gnu | fileutils | 4.1 | cpe:2.3:a:gnu:fileutils:4.1:*:*:*:*:*:*:* |
| gnu | fileutils | 4.1.6 | cpe:2.3:a:gnu:fileutils:4.1.6:*:*:*:*:*:*:* |
| gnu | fileutils | 4.1.7 | cpe:2.3:a:gnu:fileutils:4.1.7:*:*:*:*:*:*:* |
| washington_university | wu-ftpd | 2.4.1 | cpe:2.3:a:washington_university:wu-ftpd:2.4.1:*:*:*:*:*:*:* |
| washington_university | wu-ftpd | 2.4.2_beta2 | cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta2:*:academ:*:*:*:*:* |
| washington_university | wu-ftpd | 2.4.2_beta18 | cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18:*:academ:*:*:*:*:* |
| washington_university | wu-ftpd | 2.4.2_beta18_vr4 | cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr4:*:*:*:*:*:*:* |
| washington_university | wu-ftpd | 2.4.2_beta18_vr5 | cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr5:*:*:*:*:*:*:* |
References
distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000768
distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000771
lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html
secunia.com/advisories/10126
secunia.com/advisories/17069
support.avaya.com/elmodocs2/security/ASA-2005-213.pdf
www.guninski.com/binls.html
www.mandriva.com/security/advisories?name=MDKSA-2003:106
www.redhat.com/support/errata/RHSA-2003-309.html
www.redhat.com/support/errata/RHSA-2003-310.html
www.securityfocus.com/advisories/6014
www.securityfocus.com/bid/8875
www.turbolinux.com/security/TLSA-2003-60.txt
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
79.4%