CVSS: 5.0EPSS: 0%CPEs: 26EXPL: 2CVE-2003-0853 – Coreutils 4.5.x - LS Width Argument Integer Overflow
https://notcve.org/view.php?id=CVE-2003-0853
An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd. Un desbordamiento de enteros en ls en los paquetes fileutils o coreutils puede permitir a usuarios locales causar una denegación de servicio o ejecutar código arbitrario mediante un valor -w, lo que podría ser explotado remotamente mediante aplicaciones que usan ls, como wu-ftpd. • https://www.exploit-db.com/exploits/23274 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000768 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000771 http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html http://secunia.com/advisories/10126 http://secunia.com/advisories/17069 http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf http://www.guninski.com/binls.html http://www.mandriva.com/security/advisories?name=MDKSA-2003:106 ht •
CVSS: 2.1EPSS: 0%CPEs: 26EXPL: 1CVE-2003-0854 – WU-FTPD 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2003-0854
ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd. ls en los paquetes fileutils o coreutils permite a usuarios locales consumir una gran cantidad de memoria mediante un valor -w, lo que puede ser explotado remotamente mediante aplicaciones que usan ls, com wu-ftpd. • https://www.exploit-db.com/exploits/115 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000768 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000771 http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html http://secunia.com/advisories/10126 http://secunia.com/advisories/17069 http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf http://www.debian.org/security/2005/dsa-705 http://www.guninski.com/binls.html http://www.ma •
CVSS: 7.5EPSS: 27%CPEs: 13EXPL: 2CVE-2003-0720 – Pine 4.56 - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2003-0720
Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type. Desbordamiento de búfer en PINE anteriores a 4.58 permite a atacantes remotos ejecuta código arbitrario mediante un tipo MIME "message/external-body" malformado. • https://www.exploit-db.com/exploits/99 http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0099.html http://marc.info/?l=bugtraq&m=106322571805153&w=2 http://marc.info/?l=bugtraq&m=106329356702508&w=2 http://www.idefense.com/advisory/09.10.03.txt http://www.redhat.com/support/errata/RHSA-2003-273.html http://www.redhat.com/support/errata/RHSA-2003-274.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A499 https://access& •
CVSS: 7.5EPSS: 7%CPEs: 1EXPL: 1CVE-2003-0721
https://notcve.org/view.php?id=CVE-2003-0721
Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number. Error de falta de signo de entero en rfc2231_get_param de strings.c en PINE anteriores a 4.58 permite a atacantes remotos ejecutar mediante un correo electrónico que causa un acceso fuera de límites de un array usando un número negativo. • http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/009850.html http://marc.info/?l=bugtraq&m=106329356702508&w=2 http://marc.info/?l=bugtraq&m=106367213400313&w=2 http://www.idefense.com/advisory/09.10.03.txt http://www.redhat.com/support/errata/RHSA-2003-273.html http://www.redhat.com/support/errata/RHSA-2003-274.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A503 https://access.redhat.com/security/cve/CVE-2003& • CWE-129: Improper Validation of Array Index •
CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 0CVE-2003-0300
https://notcve.org/view.php?id=CVE-2003-0300
The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors. El cliente IMAP para Sylpheed 0.8.11 permite que servidores IMAP remotos dañinos originen una denegación de servicio (caída) mediante ciertos tamaños literales muy largos que causan desbordamientos de búfer de enteros. • http://marc.info/?l=bugtraq&m=105294024124163&w=2 •