5

CVE-2003-0775

Exploit
saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection is dropped before the size value has been sent, which allows remote attackers to cause a denial of service (memory consumption or crash).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SaneSane Version1.0.0
SaneSane Version1.0.1
SaneSane Version1.0.2
SaneSane Version1.0.3
SaneSane Version1.0.4
SaneSane Version1.0.5
SaneSane Version1.0.6
SaneSane Version1.0.7
SaneSane Version1.0.7_beta1
SaneSane Version1.0.7_beta2
SaneSane Version1.0.8
SaneSane Version1.0.9
SaneSane-backend Version1.0.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.04% 0.786
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt
http://www.debian.org/security/2003/dsa-379
Patch
Vendor Advisory
Exploit
http://www.mandriva.com/security/advisories?name=MDKSA-2003:099
http://www.novell.com/linux/security/advisories/2003_046_sane.html
http://www.redhat.com/support/errata/RHSA-2003-278.html
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2003-285.html
http://www.securityfocus.com/bid/8593
http://www.securityfocus.com/bid/8600
Patch
Vendor Advisory