5

CVE-2003-0777

Exploit
saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service (segmentation fault).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SaneSane Version1.0.0
SaneSane Version1.0.1
SaneSane Version1.0.2
SaneSane Version1.0.3
SaneSane Version1.0.4
SaneSane Version1.0.5
SaneSane Version1.0.6
SaneSane Version1.0.7
SaneSane Version1.0.7_beta1
SaneSane Version1.0.7_beta2
SaneSane Version1.0.8
SaneSane Version1.0.9
SaneSane-backend Version1.0.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.77% 0.753
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt
http://www.debian.org/security/2003/dsa-379
Patch
Vendor Advisory
Exploit
http://www.mandriva.com/security/advisories?name=MDKSA-2003:099
http://www.novell.com/linux/security/advisories/2003_046_sane.html
http://www.redhat.com/support/errata/RHSA-2003-278.html
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2003-285.html
http://www.securityfocus.com/bid/8593
http://www.securityfocus.com/bid/8597