Lucene search

[email protected]NVD:CVE-2003-0962

HistoryDec 15, 2003 - 5:00 a.m.

CVE-2003-0962

2003-12-1505:00:00

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.379 Low

EPSS

Percentile

97.2%

JSON

Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.

Affected configurations

NVD

Node

andrew_tridgellrsyncMatch2.3.1

andrew_tridgellrsyncMatch2.3.2

andrew_tridgellrsyncMatch2.4.0

andrew_tridgellrsyncMatch2.4.1

andrew_tridgellrsyncMatch2.4.3

andrew_tridgellrsyncMatch2.4.4

andrew_tridgellrsyncMatch2.4.5

andrew_tridgellrsyncMatch2.4.6

andrew_tridgellrsyncMatch2.4.8

andrew_tridgellrsyncMatch2.5.0

andrew_tridgellrsyncMatch2.5.1

andrew_tridgellrsyncMatch2.5.2

andrew_tridgellrsyncMatch2.5.3

andrew_tridgellrsyncMatch2.5.4

andrew_tridgellrsyncMatch2.5.5

andrew_tridgellrsyncMatch2.5.6

redhatrsyncMatch2.4.6-2i386

redhatrsyncMatch2.4.6-5i386

redhatrsyncMatch2.4.6-5ia64

redhatrsyncMatch2.5.4-2i386

redhatrsyncMatch2.5.5-1i386

redhatrsyncMatch2.5.5-4i386

engardelinuxsecure_communityMatch1.0.1

engardelinuxsecure_communityMatch2.0

engardelinuxsecure_linuxMatch1.1professional

engardelinuxsecure_linuxMatch1.2professional

engardelinuxsecure_linuxMatch1.5professional

Node

slackwareslackware_linuxMatch8.1

slackwareslackware_linuxMatch9.0

slackwareslackware_linuxMatch9.1

slackwareslackware_linuxMatchcurrent

References

ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000794

marc.info/?l=bugtraq&m=107055681311602&w=2

marc.info/?l=bugtraq&m=107055684711629&w=2

marc.info/?l=bugtraq&m=107055702911867&w=2

marc.info/?l=bugtraq&m=107056923528423&w=2

secunia.com/advisories/10353

secunia.com/advisories/10354

secunia.com/advisories/10355

secunia.com/advisories/10356

secunia.com/advisories/10357

secunia.com/advisories/10358

secunia.com/advisories/10359

secunia.com/advisories/10360

secunia.com/advisories/10361

secunia.com/advisories/10362

secunia.com/advisories/10363

secunia.com/advisories/10364

secunia.com/advisories/10378

secunia.com/advisories/10474

www.kb.cert.org/vuls/id/325603

www.mandriva.com/security/advisories?name=MDKSA-2003:111

www.osvdb.org/2898

www.redhat.com/support/errata/RHSA-2003-398.html

www.securityfocus.com/bid/9153

exchange.xforce.ibmcloud.com/vulnerabilities/13899

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.379 Low

EPSS

Percentile

97.2%

JSON

Related for NVD:CVE-2003-0962

nessus10 cve1 canvas1 openvas6 checkpoint_advisories1 redhat1 debiancve1 freebsd1 gentoo1 osv1 debian2 cvelist1 suse1 cert1