CVSS: 7.5EPSS: 5%CPEs: 8EXPL: 0CVE-2003-0730
https://notcve.org/view.php?id=CVE-2003-0730
Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-015.txt.asc ftp://patches.sgi.com/support/free/security/advisories/20031101-01-U.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000821 http://marc.info/?l=bugtraq&m=106229335312429&w=2 http://secunia.com/advisories/24168 http://secunia.com/advisories/24247 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1 http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm http:// •
CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0CVE-2003-0653
https://notcve.org/view.php?id=CVE-2003-0653
The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets. El kernel de red OSI (sys/netiso) en NetBSD 1.6.1 y anteriores no usa un mbuf "PKTHDR" requerido por BSD cuando envia ciertas respuestas de error al enviador de un paquete OSI, lo que permite a atacantes remotos causar un denegación de servicio (caída o pánico del kernel) mediante ciertos paquetes OSI. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-010.txt.asc •
CVSS: 10.0EPSS: 79%CPEs: 8EXPL: 7CVE-2003-0466 – FreeBSD 4.8 - 'realpath()' Off-by-One Buffer Overflow
https://notcve.org/view.php?id=CVE-2003-0466
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO. Error de fuera-por-uno (off-by-one) en la función fb_realpath(), derivada de la función realpath de BSD, pude permitir a atacantes ejecutar código arbitrario, como se ha demostrado en wu-ftpd 2.5.0 a 2.6.2 mediante comandos que causan que nombres de rutas de tamaño MAXPATHLEN+1 disparen un desbordamiento de búfer, incluyendo: (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, y (8) RNTO. • https://www.exploit-db.com/exploits/22976 https://www.exploit-db.com/exploits/78 https://www.exploit-db.com/exploits/74 https://www.exploit-db.com/exploits/22974 https://www.exploit-db.com/exploits/22975 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-011.txt.asc http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0065.html http://download.immunix.org/ImmunixOS/7+/Updates/errata/IMNX-2003-7+-019-01 http://isec.pl/vulnerabilities/isec-0011-wu • CWE-193: Off-by-one Error •