CVE-2003-0853 – Coreutils 4.5.x - LS Width Argument Integer Overflow
https://notcve.org/view.php?id=CVE-2003-0853
An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd. Un desbordamiento de enteros en ls en los paquetes fileutils o coreutils puede permitir a usuarios locales causar una denegación de servicio o ejecutar código arbitrario mediante un valor -w, lo que podría ser explotado remotamente mediante aplicaciones que usan ls, como wu-ftpd. • https://www.exploit-db.com/exploits/23274 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000768 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000771 http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html http://secunia.com/advisories/10126 http://secunia.com/advisories/17069 http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf http://www.guninski.com/binls.html http://www.mandriva.com/security/advisories?name=MDKSA-2003:106 ht •
CVE-2003-0854 – WU-FTPD 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2003-0854
ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd. ls en los paquetes fileutils o coreutils permite a usuarios locales consumir una gran cantidad de memoria mediante un valor -w, lo que puede ser explotado remotamente mediante aplicaciones que usan ls, com wu-ftpd. • https://www.exploit-db.com/exploits/115 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000768 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000771 http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html http://secunia.com/advisories/10126 http://secunia.com/advisories/17069 http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf http://www.debian.org/security/2005/dsa-705 http://www.guninski.com/binls.html http://www.ma •
CVE-2003-0466 – FreeBSD 4.8 - 'realpath()' Off-by-One Buffer Overflow
https://notcve.org/view.php?id=CVE-2003-0466
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO. Error de fuera-por-uno (off-by-one) en la función fb_realpath(), derivada de la función realpath de BSD, pude permitir a atacantes ejecutar código arbitrario, como se ha demostrado en wu-ftpd 2.5.0 a 2.6.2 mediante comandos que causan que nombres de rutas de tamaño MAXPATHLEN+1 disparen un desbordamiento de búfer, incluyendo: (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, y (8) RNTO. • https://www.exploit-db.com/exploits/22976 https://www.exploit-db.com/exploits/78 https://www.exploit-db.com/exploits/74 https://www.exploit-db.com/exploits/22974 https://www.exploit-db.com/exploits/22975 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-011.txt.asc http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0065.html http://download.immunix.org/ImmunixOS/7+/Updates/errata/IMNX-2003-7+-019-01 http://isec.pl/vulnerabilities/isec-0011-wu • CWE-193: Off-by-one Error •