7.5

CVE-2003-0773

saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANE_NET_INIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SaneSane Version1.0.0
SaneSane Version1.0.1
SaneSane Version1.0.2
SaneSane Version1.0.3
SaneSane Version1.0.4
SaneSane Version1.0.5
SaneSane Version1.0.6
SaneSane Version1.0.7
SaneSane Version1.0.7_beta1
SaneSane Version1.0.7_beta2
SaneSane Version1.0.8
SaneSane Version1.0.9
SaneSane-backend Version1.0.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.89% 0.769
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt
http://www.debian.org/security/2003/dsa-379
http://www.mandriva.com/security/advisories?name=MDKSA-2003:099
http://www.novell.com/linux/security/advisories/2003_046_sane.html
http://www.redhat.com/support/errata/RHSA-2003-278.html
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2003-285.html
http://www.securityfocus.com/bid/8593
http://www.securityfocus.com/bid/8595
Patch
Vendor Advisory