CVE-2003-0021
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The "screen dump" feature in Eterm 0.9.1 and earlier allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence.
La característica "volcado de pantalla" en Eterm 0.9.1 y anteriores permite a atacantes sobreescribir ficheros arbitrarios mediante una cierta secuencia de escape de caracteres cuando hacen eco en el terminal de un usuario, por ejemplo, cuando el usuario ve un fichero conteniendo la secuencia maliciosa.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2003-01-07 CVE Reserved
- 2003-03-03 CVE Published
- 2024-02-08 EPSS Updated
- 2024-08-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://marc.info/?l=bugtraq&m=104612710031920&w=2 | Mailing List | |
| http://www.securityfocus.com/bid/6936 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html | 2016-10-18 | |
| http://www.iss.net/security_center/static/11413.php | 2016-10-18 | |
| http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:040 | 2016-10-18 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Michael Jennings Search vendor "Michael Jennings" | Eterm Search vendor "Michael Jennings" for product "Eterm" | 0.8.10 Search vendor "Michael Jennings" for product "Eterm" and version "0.8.10" | - |
Affected
| ||||||
| Michael Jennings Search vendor "Michael Jennings" | Eterm Search vendor "Michael Jennings" for product "Eterm" | 0.9.1 Search vendor "Michael Jennings" for product "Eterm" and version "0.9.1" | - |
Affected
| ||||||