10

CVE-2003-0466

Exploit
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RedhatWu Ftpd Version2.6.1-16
WuftpdWu-ftpd Version >= 2.5.0 <= 2.6.2
ApplemacOS X Version10.2.6
ApplemacOS X Server Version10.2.6
FreebsdFreebsd Version >= 4.0 <= 5.0
NetbsdNetbsd Version >= 1.5 <= 1.6.1
OpenbsdOpenbsd Version >= 2.0 <= 3.3
SunSolaris Version9.0 SwPlatformsparc
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 78.12% 0.995
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-193 Off-by-one Error

A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-011.txt.asc
Broken Link
http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0065.html
Vendor Advisory
Exploit
Broken Link
http://download.immunix.org/ImmunixOS/7+/Updates/errata/IMNX-2003-7+-019-01
Broken Link
http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt
Broken Link
http://marc.info/?l=bugtraq&m=105967301604815&w=2
Mailing List
http://marc.info/?l=bugtraq&m=106001410028809&w=2
Mailing List
http://marc.info/?l=bugtraq&m=106001702232325&w=2
Mailing List
http://marc.info/?l=bugtraq&m=106002488209129&w=2
Mailing List
http://secunia.com/advisories/9423
Broken Link
http://secunia.com/advisories/9446
Broken Link
http://secunia.com/advisories/9447
Broken Link
http://secunia.com/advisories/9535
Broken Link
http://securitytracker.com/id?1007380
Third Party Advisory
Broken Link
VDB Entry
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001257.1-1
Broken Link
http://www.debian.org/security/2003/dsa-357
Broken Link
http://www.kb.cert.org/vuls/id/743092
Third Party Advisory
US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2003:080
Third Party Advisory
http://www.novell.com/linux/security/advisories/2003_032_wuftpd.html
Broken Link
http://www.osvdb.org/6602
Broken Link
http://www.redhat.com/support/errata/RHSA-2003-245.html
Broken Link
http://www.redhat.com/support/errata/RHSA-2003-246.html
Broken Link
http://www.securityfocus.com/archive/1/424852/100/0/threaded
Third Party Advisory
Broken Link
VDB Entry
http://www.securityfocus.com/archive/1/425061/100/0/threaded
Third Party Advisory
Broken Link
VDB Entry
http://www.securityfocus.com/bid/8315
Patch
Third Party Advisory
Vendor Advisory
Exploit
Broken Link
VDB Entry
http://www.turbolinux.com/security/TLSA-2003-46.txt
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/12785
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1970
Broken Link