CVE-2003-0962

{"id": "CVE-2003-0962", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2003-12-15T05:00:00.000", "references": [{"url": "ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U", "source": "cve@mitre.org"}, {"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000794", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=107055681311602&w=2", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=107055684711629&w=2", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=107055702911867&w=2", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=107056923528423&w=2", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/10353", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/10354", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/10355", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/10356", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/10357", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/10358", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/10359", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/10360", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/10361", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/10362", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/10363", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/10364", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/10378", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/10474", "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/325603", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:111", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/2898", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2003-398.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/9153", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13899", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415", "source": "cve@mitre.org"}, {"url": "ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000794", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://marc.info/?l=bugtraq&m=107055681311602&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://marc.info/?l=bugtraq&m=107055684711629&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://marc.info/?l=bugtraq&m=107055702911867&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://marc.info/?l=bugtraq&m=107056923528423&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/10353", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/10354", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/10355", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/10356", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/10357", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/10358", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/10359", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/10360", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/10361", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/10362", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/10363", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/10364", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/10378", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/10474", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.kb.cert.org/vuls/id/325603", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:111", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.osvdb.org/2898", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.redhat.com/support/errata/RHSA-2003-398.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/9153", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13899", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en el mont\u00f3n en rsync anteriores a 2.5.7, cuando se ejecuta en modo servidor, permite a atacantes remotos ejecutar c\u00f3digo arbitrario y posiblemente escapar del confinamiento chroot."}], "lastModified": "2024-11-20T23:45:57.717", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "138253E8-6342-4A88-89E6-B579782BC273"}, {"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06A95770-7838-4D26-98BD-F3C0A264C431"}, {"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26EB2DBC-F71C-4D86-9436-FA06B7244F1E"}, {"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41681E68-E4D3-4466-8BAF-12F38D670C73"}, {"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C472D33-56FC-4939-A800-00C319D44D45"}, {"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D57C7AF3-A648-44E3-9ABF-D546B34BDC02"}, {"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.4.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38450ED2-6642-4ADB-ACBC-702588904B50"}, {"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.4.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC163657-8FD5-4578-8452-49ABAA1121D5"}, {"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.4.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DAFB0E34-5886-454E-9680-640F8FE6A4B6"}, {"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA756243-887B-42FD-9A68-2D54CE44AA0A"}, {"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "502E8AC0-7293-41A0-BA17-873DEE5133DB"}, {"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55E84BFA-DAF8-4842-8542-E244FE16CBD8"}, {"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DC02AD4-07B4-4A35-BB74-7228A1CDABE1"}, {"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.5.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33B1ECCC-AAF1-4A3A-BDFA-7955E1AA3683"}, {"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.5.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC4726E9-246B-4C6F-8253-0F09886749A0"}, {"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.5.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59CAA1CD-09D5-40CC-9A27-738B4028BF05"}, {"criteria": "cpe:2.3:a:redhat:rsync:2.4.6-2:*:i386:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3AC2944-7891-474C-8CEE-FC79129AC6F7"}, {"criteria": "cpe:2.3:a:redhat:rsync:2.4.6-5:*:i386:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88D09EE3-7737-49EE-B8F6-5775228DA1C1"}, {"criteria": "cpe:2.3:a:redhat:rsync:2.4.6-5:*:ia64:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F7E7DAE-7D7F-4D3F-A3CE-DF2E3650F145"}, {"criteria": "cpe:2.3:a:redhat:rsync:2.5.4-2:*:i386:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "151183D0-4807-470D-808B-115AD366BEAB"}, {"criteria": "cpe:2.3:a:redhat:rsync:2.5.5-1:*:i386:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7DB4650-6A89-480E-BAFA-C2E3F4521601"}, {"criteria": "cpe:2.3:a:redhat:rsync:2.5.5-4:*:i386:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0730AD53-5419-4144-AE01-143142AD6404"}, {"criteria": "cpe:2.3:o:engardelinux:secure_community:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "444E0C0D-5121-4B89-BEF2-7D070AD2C8C8"}, {"criteria": "cpe:2.3:o:engardelinux:secure_community:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "835156D0-D0D8-4A82-9342-95E7239E3477"}, {"criteria": "cpe:2.3:o:engardelinux:secure_linux:1.1:*:professional:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E61A9563-ECBE-41DB-A973-E0DEE41BE28F"}, {"criteria": "cpe:2.3:o:engardelinux:secure_linux:1.2:*:professional:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E164271C-4A66-4DE2-890A-6A21D45F77D9"}, {"criteria": "cpe:2.3:o:engardelinux:secure_linux:1.5:*:professional:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E62C413-935F-459C-8F11-73F5B483E759"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:slackware:slackware_linux:8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57F41B40-75E6-45C8-A5FB-8464C0B2D064"}, {"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0"}, {"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C"}, {"criteria": "cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1CB2DD9-E77F-46EE-A145-F87AD10EA8E4"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}