CVE-2004-0045

Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 may allow remote attackers to execute arbitrary code.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://archives.neohapsis.com/archives/bugtraq/2004-01/0063.html	Patch Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2004-01/0064.html	Patch Vendor Advisory
http://secunia.com/advisories/10578
http://www.kb.cert.org/vuls/id/759020	US Government Resource
http://www.securityfocus.com/bid/9382	Patch Vendor Advisory
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.365791
https://exchange.xforce.ibmcloud.com/vulnerabilities/14190

Configurations

Configuration 1 (hide)

cpe:2.3:a:isc:inn:2.4.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2004-02-03 05:00

Updated : 2024-02-28 10:24

NVD link : CVE-2004-0045

Mitre link : CVE-2004-0045

CVE.ORG link : CVE-2004-0045

JSON object : View

Products Affected

isc

inn

CWE

NVD-CWE-Other

{"id": "CVE-2004-0045", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2004-02-03T05:00:00.000", "references": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2004-01/0063.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://archives.neohapsis.com/archives/bugtraq/2004-01/0064.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/10578", "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/759020", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/9382", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.365791", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14190", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 may allow remote attackers to execute arbitrary code."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en el c\u00f3digo de control del mensaje en INN 2.4.0 puede permitir que atacantes remotos ejecuten c\u00f3digo arbitrario."}], "lastModified": "2017-10-10T01:30:16.703", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:isc:inn:2.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F861584-D429-4E41-9003-97753BA64228"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}