CVE-2003-0575

Heap-based buffer overflow in the name services daemon (nsd) in SGI IRIX 6.5.x through 6.5.21f, and possibly earlier versions, allows attackers to gain root privileges via the AUTH_UNIX gid list.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
ftp://patches.sgi.com/support/free/security/advisories/20030704-01-P	Patch Vendor Advisory
http://marc.info/?l=bugtraq&m=105958240709302&w=2
http://secunia.com/advisories/9390
http://www.ciac.org/ciac/bulletins/n-130.shtml
http://www.kb.cert.org/vuls/id/682900	US Government Resource
http://www.osvdb.org/2337
http://www.securityfocus.com/bid/8304	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/12763
ftp://patches.sgi.com/support/free/security/advisories/20030704-01-P	Patch Vendor Advisory
http://marc.info/?l=bugtraq&m=105958240709302&w=2
http://secunia.com/advisories/9390
http://www.ciac.org/ciac/bulletins/n-130.shtml
http://www.kb.cert.org/vuls/id/682900	US Government Resource
http://www.osvdb.org/2337
http://www.securityfocus.com/bid/8304	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/12763

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:sgi:irix:6.5:::::::*
	cpe:2.3:o:sgi:irix:6.5.1:::::::*
	cpe:2.3:o:sgi:irix:6.5.2:::::::*
	cpe:2.3:o:sgi:irix:6.5.3:::::::*
	cpe:2.3:o:sgi:irix:6.5.4:::::::*
	cpe:2.3:o:sgi:irix:6.5.5:::::::*
	cpe:2.3:o:sgi:irix:6.5.6:::::::*
	cpe:2.3:o:sgi:irix:6.5.7:::::::*
	cpe:2.3:o:sgi:irix:6.5.8:::::::*
	cpe:2.3:o:sgi:irix:6.5.9:::::::*
	cpe:2.3:o:sgi:irix:6.5.10:::::::*
	cpe:2.3:o:sgi:irix:6.5.11:::::::*
	cpe:2.3:o:sgi:irix:6.5.12:::::::*
	cpe:2.3:o:sgi:irix:6.5.13:::::::*
	cpe:2.3:o:sgi:irix:6.5.14:::::::*
	cpe:2.3:o:sgi:irix:6.5.15:::::::*
	cpe:2.3:o:sgi:irix:6.5.16:::::::*
	cpe:2.3:o:sgi:irix:6.5.17:::::::*
	cpe:2.3:o:sgi:irix:6.5.17f:::::::*
	cpe:2.3:o:sgi:irix:6.5.17m:::::::*
	cpe:2.3:o:sgi:irix:6.5.18:::::::*
	cpe:2.3:o:sgi:irix:6.5.18f:::::::*
	cpe:2.3:o:sgi:irix:6.5.18m:::::::*
	cpe:2.3:o:sgi:irix:6.5.19:::::::*
	cpe:2.3:o:sgi:irix:6.5.19f:::::::*
	cpe:2.3:o:sgi:irix:6.5.19m:::::::*
	cpe:2.3:o:sgi:irix:6.5.20:::::::*
	cpe:2.3:o:sgi:irix:6.5.20f:::::::*
	cpe:2.3:o:sgi:irix:6.5.20m:::::::*
	cpe:2.3:o:sgi:irix:6.5.21:::::::*
	cpe:2.3:o:sgi:irix:6.5.21f:::::::*
	cpe:2.3:o:sgi:irix:6.5.21m:::::::*

History

20 Nov 2024, 23:45

Type	Values Removed	Values Added
References	~~() ftp://patches.sgi.com/support/free/security/advisories/20030704-01-P - Patch, Vendor Advisory~~	() ftp://patches.sgi.com/support/free/security/advisories/20030704-01-P - Patch, Vendor Advisory
References	~~() http://marc.info/?l=bugtraq&m=105958240709302&w=2 -~~	() http://marc.info/?l=bugtraq&m=105958240709302&w=2 -
References	~~() http://secunia.com/advisories/9390 -~~	() http://secunia.com/advisories/9390 -
References	~~() http://www.ciac.org/ciac/bulletins/n-130.shtml -~~	() http://www.ciac.org/ciac/bulletins/n-130.shtml -
References	~~() http://www.kb.cert.org/vuls/id/682900 - US Government Resource~~	() http://www.kb.cert.org/vuls/id/682900 - US Government Resource
References	~~() http://www.osvdb.org/2337 -~~	() http://www.osvdb.org/2337 -
References	~~() http://www.securityfocus.com/bid/8304 - Vendor Advisory~~	() http://www.securityfocus.com/bid/8304 - Vendor Advisory
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/12763 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/12763 -

Information

Published : 2003-08-27 04:00

Updated : 2024-11-20 23:45

NVD link : CVE-2003-0575

Mitre link : CVE-2003-0575

CVE.ORG link : CVE-2003-0575

JSON object : View

Products Affected

sgi

irix

CWE

NVD-CWE-Other

10.0 /10