| Vulnerability Name: | CVE-2003-0620 (CCN-12766) | ||||||||||||||||
| Assigned: | 2003-07-29 | ||||||||||||||||
| Published: | 2003-07-29 | ||||||||||||||||
| Updated: | 2016-10-18 | ||||||||||||||||
| Summary: | Multiple buffer overflows in man-db 2.4.1 and earlier, when installed setuid, allow local users to gain privileges via (1) MANDATORY_MANPATH, MANPATH_MAP, and MANDB_MAP arguments to add_to_dirlist in manp.c, (2) a long pathname to ult_src in ult_src.c, (3) a long .so argument to test_for_include in ult_src.c, (4) a long MANPATH environment variable, or (5) a long PATH environment variable. | ||||||||||||||||
| CVSS v3 Severity: | 5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||||||
| CVSS v2 Severity: | 4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Tue Jul 29 2003 - 16:03:08 CDT man-db[] multiple(4) vulnerabilities. Source: MITRE Type: CNA CVE-2003-0620 Source: BUGTRAQ Type: UNKNOWN 20030729 man-db[] multiple(4) vulnerabilities. Source: BUGTRAQ Type: UNKNOWN 20030730 Re: man-db[] multiple(4) vulnerabilities. Source: CCN Type: BugTraq Mailing List, 2003-08-08 13:51:12 New man-db packages fix problem with DSA-364-1 Source: DEBIAN Type: Patch, Vendor Advisory DSA-364 Source: DEBIAN Type: DSA-364 man-db -- buffer overflows Source: CCN Type: BID-8303 Multiple ManDB Utility Local Buffer Overflow Vulnerabilities Source: XF Type: UNKNOWN mandb-addtodirlist-bo(12766) | ||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||||||
| Vulnerability Name: | CVE-2003-0620 (CCN-12767) | ||||||||||||||||
| Assigned: | 2003-07-29 | ||||||||||||||||
| Published: | 2003-07-29 | ||||||||||||||||
| Updated: | 2016-10-18 | ||||||||||||||||
| Summary: | Multiple buffer overflows in man-db 2.4.1 and earlier, when installed setuid, allow local users to gain privileges via (1) MANDATORY_MANPATH, MANPATH_MAP, and MANDB_MAP arguments to add_to_dirlist in manp.c, (2) a long pathname to ult_src in ult_src.c, (3) a long .so argument to test_for_include in ult_src.c, (4) a long MANPATH environment variable, or (5) a long PATH environment variable. | ||||||||||||||||
| CVSS v3 Severity: | 6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)
| ||||||||||||||||
| CVSS v2 Severity: | 4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Tue Jul 29 2003 - 16:03:08 CDT man-db[] multiple(4) vulnerabilities. Source: MITRE Type: CNA CVE-2003-0620 Source: CCN Type: BugTraq Mailing List, 2003-08-08 13:51:12 New man-db packages fix problem with DSA-364-1 Source: DEBIAN Type: DSA-364 man-db -- buffer overflows Source: XF Type: UNKNOWN mandb-command-line-bo(12767) | ||||||||||||||||
| Vulnerability Name: | CVE-2003-0620 (CCN-12768) | ||||||||||||||||
| Assigned: | 2003-07-29 | ||||||||||||||||
| Published: | 2003-07-29 | ||||||||||||||||
| Updated: | 2003-07-29 | ||||||||||||||||
| Summary: | man-db is vulnerable to a buffer overflow, caused by insufficient bounds checking of the .so function, when it attempts to redirect memory. By supplying an overly long string, a remote attacker can overflow a buffer and cause a segmentation fault. | ||||||||||||||||
| CVSS v3 Severity: | 6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)
| ||||||||||||||||
| CVSS v2 Severity: | 4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Tue Jul 29 2003 - 16:03:08 CDT man-db[] multiple(4) vulnerabilities. Source: MITRE Type: CNA CVE-2003-0620 Source: CCN Type: BugTraq Mailing List, 2003-08-08 13:51:12 New man-db packages fix problem with DSA-364-1 Source: DEBIAN Type: DSA-364 man-db -- buffer overflows Source: XF Type: UNKNOWN mandb-so-bo(12768) | ||||||||||||||||
| Vulnerability Name: | CVE-2003-0620 (CCN-12769) | ||||||||||||||||
| Assigned: | 2003-07-29 | ||||||||||||||||
| Published: | 2003-07-29 | ||||||||||||||||
| Updated: | 2003-07-29 | ||||||||||||||||
| Summary: | man-db is vulnerable to a buffer overflow, caused by insufficient bounds checking of variables in multiple functions. By supplying an overly long string to the PATH and MANPATH variables, a remote attacker can overflow a buffer and cause a segmentation fault. | ||||||||||||||||
| CVSS v3 Severity: | 6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)
| ||||||||||||||||
| CVSS v2 Severity: | 4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Tue Jul 29 2003 - 16:03:08 CDT man-db[] multiple(4) vulnerabilities. Source: MITRE Type: CNA CVE-2003-0620 Source: CCN Type: BugTraq Mailing List, 2003-08-08 13:51:12 New man-db packages fix problem with DSA-364-1 Source: DEBIAN Type: DSA-364 man-db -- buffer overflows Source: XF Type: UNKNOWN mandb-multiple-functions-bo(12769) | ||||||||||||||||
| Oval Definitions | |||||||||||||||||
| |||||||||||||||||
| BACK | |||||||||||||||||