Lucene search
HistoryOct 28, 2013 - 10:55 p.m.
CVE-2013-4391
cve-2013-4391
integer overflow
systemd
journald-native.c
denial of service
crash
execute arbitrary code
buffer overflow
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8
Confidence
Low
EPSS
0.055
Percentile
93.2%
Integer overflow in the valid_user_field function in journal/journald-native.c in systemd allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow.
Affected configurations
Node
systemd_projectsystemdRange<190
Node
debiandebian_linuxMatch7.0
References
Related
debiancve
debiancve
CVE-2013-4391
2013-10-28 22:55:03
prion
prion
Integer overflow
2013-10-28 22:55:00
ubuntucve
ubuntucve
CVE-2013-4391
2013-10-28 00:00:00
nvd
nvd
CVE-2013-4391
2013-10-28 22:55:03
cvelist
cvelist
CVE-2013-4391
2013-10-28 22:00:00
securityvulns
securityvulns
systemd security vulnerabilities
2013-10-12 00:00:00
[SECURITY] [DSA 2777-1] systemd security update
2013-10-12 00:00:00
openvas
openvas
Debian Security Advisory DSA 2777-1 (systemd - several vulnerabilities)
2013-10-11 00:00:00
Debian: Security Advisory (DSA-2777-1)
2013-10-10 00:00:00
debian
debian
[SECURITY] [DSA 2777-1] systemd security update
2013-10-11 14:33:53
nessus
nessus
Debian DSA-2777-1 : systemd - several vulnerabilities
2013-10-13 00:00:00
GLSA-201612-34 : systemd: Multiple vulnerabilities
2016-12-13 00:00:00
gentoo
gentoo
systemd: Multiple vulnerabilities
2016-12-13 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8
Confidence
Low
EPSS
0.055
Percentile
93.2%
Related for CVE-2013-4391