Lucene search

[email protected]CVE-2003-1234

HistoryNov 16, 2005 - 7:37 a.m.

CVE-2003-1234

2005-11-1607:37:00

[email protected]

web.nvd.nist.gov

cve-2003-1234

integer overflow

f_count

freebsd

denial of service

arbitrary code

nvd

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.6%

JSON

Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathconf and (2) lseek, which do not properly decrement f_count through a call to fdrop.

Affected configurations

NVD

Node

freebsdfreebsdMatch1.1.5.1

freebsdfreebsdMatch2.1.0

freebsdfreebsdMatch2.1.5

freebsdfreebsdMatch2.1.6

freebsdfreebsdMatch2.1.6.1

freebsdfreebsdMatch2.1.7

freebsdfreebsdMatch2.1.7.1

freebsdfreebsdMatch2.2

freebsdfreebsdMatch2.2current

freebsdfreebsdMatch2.2.1

freebsdfreebsdMatch2.2.2

freebsdfreebsdMatch2.2.3

freebsdfreebsdMatch2.2.4

freebsdfreebsdMatch2.2.5

freebsdfreebsdMatch2.2.6

freebsdfreebsdMatch2.2.7

freebsdfreebsdMatch2.2.8

freebsdfreebsdMatch3.1

freebsdfreebsdMatch3.2

freebsdfreebsdMatch3.3

freebsdfreebsdMatch3.4

freebsdfreebsdMatch3.5

freebsdfreebsdMatch3.5.1release

freebsdfreebsdMatch4.2

freebsdfreebsdMatch4.3

freebsdfreebsdMatch4.3release

freebsdfreebsdMatch4.4

freebsdfreebsdMatch4.5

freebsdfreebsdMatch4.5release

freebsdfreebsdMatch4.6

freebsdfreebsdMatch4.6release

freebsdfreebsdMatch4.7

freebsdfreebsdMatch4.7release

freebsdfreebsdMatch4.9releng

freebsdfreebsdMatch4.10

freebsdfreebsdMatch4.10release

freebsdfreebsdMatch4.10release_p8

freebsdfreebsdMatch4.10releng

freebsdfreebsdMatch4.11

freebsdfreebsdMatch4.11release_p3

freebsdfreebsdMatch4.11releng

freebsdfreebsdMatch4.11stable

freebsdfreebsdMatch5.0

CPENameOperatorVersion
freebsd:freebsdfreebsdeq1.1.5.1
freebsd:freebsdfreebsdeq2.1.0
freebsd:freebsdfreebsdeq2.1.5
freebsd:freebsdfreebsdeq2.1.6
freebsd:freebsdfreebsdeq2.1.6.1
freebsd:freebsdfreebsdeq2.1.7
freebsd:freebsdfreebsdeq2.1.7.1
freebsd:freebsdfreebsdeq2.2
freebsd:freebsdfreebsdeq2.2.1
freebsd:freebsdfreebsdeq2.2.2

CPE	Name	Operator	Version
freebsd:freebsd	freebsd	eq	1.1.5.1
freebsd:freebsd	freebsd	eq	2.1.0
freebsd:freebsd	freebsd	eq	2.1.5
freebsd:freebsd	freebsd	eq	2.1.6
freebsd:freebsd	freebsd	eq	2.1.6.1
freebsd:freebsd	freebsd	eq	2.1.7
freebsd:freebsd	freebsd	eq	2.1.7.1
freebsd:freebsd	freebsd	eq	2.2
freebsd:freebsd	freebsd	eq	2.2.1
freebsd:freebsd	freebsd	eq	2.2.2

Rows per page:

1-10 of 321

References

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:44.filedesc.asc

archives.neohapsis.com/archives/bugtraq/2003-01/0057.html

archives.neohapsis.com/archives/vulnwatch/2003-q1/0006.html

secunia.com/advisories/7821

www.iss.net/security_center/static/10993.php

www.pine.nl/press/pine-cert-20030101.txt

www.securityfocus.com/archive/1/305308/30/26420/threaded

www.securityfocus.com/bid/6524

www.securitytracker.com/id?1005898

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.6%

JSON

Related for CVE-2003-1234

nvd1 cvelist1