CVE-2004-1772

Severity Score

4.6

*CVSS v2

*EPSS

*CPE

*Multiple Sources

*KEV

*SSVC

Stack-based buffer overflow in shar in GNU sharutils 4.2.1 allows local users to execute arbitrary code via a long -o command line argument.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

URL	Tag	Source
https://exchange.xforce.ibmcloud.com/vulnerabilities/15759	Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11722	Signature

URL	Date	SRC
http://www.securityfocus.com/archive/1/359639	2024-08-08

URL	Date	SRC
http://www.securityfocus.com/bid/10066	2017-10-11
https://bugzilla.fedora.us/show_bug.cgi?id=2155	2017-10-11

URL	Date	SRC
http://marc.info/?l=bugtraq&m=108137386310299&w=2	2017-10-11
http://www.redhat.com/support/errata/RHSA-2005-377.html	2017-10-11
https://access.redhat.com/security/cve/CVE-2004-1772	2005-04-26
https://bugzilla.redhat.com/show_bug.cgi?id=1617417	2005-04-26

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Gnu Search vendor "Gnu"		Sharutils Search vendor "Gnu" for product "Sharutils"				4.2 Search vendor "Gnu" for product "Sharutils" and version "4.2"		-		Affected
Gnu Search vendor "Gnu"		Sharutils Search vendor "Gnu" for product "Sharutils"				4.2.1 Search vendor "Gnu" for product "Sharutils" and version "4.2.1"		-		Affected