Vulnerability Name: | CVE-2003-0565 (CCN-13601) | ||||||||
Assigned: | 2003-11-04 | ||||||||
Published: | 2003-11-04 | ||||||||
Updated: | 2005-10-20 | ||||||||
Summary: | Multiple vulnerabilities in multiple vendor implementations of the X.400 protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an X.400 message containing certain unexpected ASN.1 constructs, as demonstrated using the NISSC test suite. | ||||||||
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||
CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: MITRE Type: CNA CVE-2003-0565 Source: CCN Type: US-CERT VU#927278 Multiple vulnerabilities in X.400 implementations Source: CERT-VN Type: Third Party Advisory, US Government Resource VU#927278 Source: CCN Type: OSVDB ID: 12319 Multiple Vendor X.400 Protocol Malformed ASN.1 Construct Command Execution Source: CCN Type: SecuriTeam Mailing List, Security Holes & Exploits 18 Jan 2004 Malformed ASN.1 Exploit Code Source: CCN Type: NISCC Vulnerability Advisory 006489/X400 Vulnerability Issues in Implementations of the X.400 Protocol Source: MISC Type: Vendor Advisory http://www.uniras.gov.uk/vuls/2003/006489/x400.htm Source: XF Type: UNKNOWN x400-message-bo(13601) | ||||||||
BACK |