Lucene search

[email protected]CVE-2003-1441

HistoryOct 23, 2007 - 1:00 a.m.

CVE-2003-1441

2007-10-2301:00:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2003-1441

posadis

denial of service

crash

null dereference

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

7 High

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.8%

JSON

Posadis 0.50.4 through 0.50.8 allows remote attackers to cause a denial of service (crash) via a DNS message without a question section, which triggers null dereference.

Affected configurations

NVD

Node

posadisposadisMatch0.50.4

posadisposadisMatch0.50.5

posadisposadisMatch0.50.6

posadisposadisMatch0.50.7

posadisposadisMatch0.50.8

CPENameOperatorVersion
posadis:posadisposadiseq0.50.4
posadis:posadisposadiseq0.50.5
posadis:posadisposadiseq0.50.6
posadis:posadisposadiseq0.50.7
posadis:posadisposadiseq0.50.8

CPE	Name	Operator	Version
posadis:posadis	posadis	eq	0.50.4
posadis:posadis	posadis	eq	0.50.5
posadis:posadis	posadis	eq	0.50.6
posadis:posadis	posadis	eq	0.50.7
posadis:posadis	posadis	eq	0.50.8

References

secunia.com/advisories/8018

www.osvdb.org/3522

www.posadis.org/advisories/pos_adv_003.txt

www.securityfocus.com/bid/6799

exchange.xforce.ibmcloud.com/vulnerabilities/11285

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

7 High

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.8%

JSON

Related for CVE-2003-1441

nvd1 cvelist1