CVE-2003-0252

Current Description

Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines.

Basic Data

PublishedAugust 18, 2003
Last ModifiedMay 03, 2018
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score10.0
SeverityHIGH
Exploitability Score10.0
Impact Score10.0
Obtain All Privilegetrue
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationNfsNfs-utils0.2*******
    2.3ApplicationNfsNfs-utils0.2.1*******
    2.3ApplicationNfsNfs-utils0.3.1*******
    2.3ApplicationNfsNfs-utils0.3.3*******
    2.3ApplicationNfsNfs-utils1.0*******
    2.3ApplicationNfsNfs-utils1.0.1*******
    2.3ApplicationNfsNfs-utils1.0.3*******

Vulnerable Software List

VendorProductVersions
Nfs Nfs-utils 0.2, 0.2.1, 0.3.1, 0.3.3, 1.0, 1.0.1, 1.0.3

References

NameSourceURLTags
20030714 Linux nfs-utils xlog() off-by-one bughttp://archives.neohapsis.com/archives/vulnwatch/2003-q3/0023.htmlVULNWATCHVendor Advisory
20030714 Reality of the rpc.mountd bughttp://archives.neohapsis.com/archives/vulnwatch/2003-q3/0024.htmlVULNWATCHVendor Advisory
http://isec.pl/vulnerabilities/isec-0010-linux-nfs-utils.txthttp://isec.pl/vulnerabilities/isec-0010-linux-nfs-utils.txtMISC
20030714 Linux nfs-utils xlog() off-by-one bughttp://marc.info/?l=bugtraq&m=105820223707191&w=2BUGTRAQ
20030715 [slackware-security] nfs-utils packages replaced (SSA:2003-195-01b)http://marc.info/?l=bugtraq&m=105830921519513&w=2BUGTRAQ
20030716 Immunix Secured OS 7+ nfs-utils update -- bugtraqhttp://marc.info/?l=bugtraq&m=105839032403325&w=2BUGTRAQ
9259http://secunia.com/advisories/9259SECUNIA
1007187http://securitytracker.com/id?1007187SECTRACK
1001262http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001262.1-1SUNALERT
DSA-349http://www.debian.org/security/2003/dsa-349DEBIAN
VU#258564http://www.kb.cert.org/vuls/id/258564CERT-VNUS Government Resource
MDKSA-2003:076http://www.mandriva.com/security/advisories?name=MDKSA-2003:076MANDRAKE
SuSE-SA:2003:031http://www.novell.com/linux/security/advisories/2003_031_nfs_utils.htmlSUSE
RHSA-2003:206http://www.redhat.com/support/errata/RHSA-2003-206.htmlREDHAT
RHSA-2003:207http://www.redhat.com/support/errata/RHSA-2003-207.htmlREDHAT
8179http://www.securityfocus.com/bid/8179BID
TLSA-2003-44http://www.turbolinux.com/security/TLSA-2003-44.txtTURBO
nfs-utils-offbyone-bo(12600)https://exchange.xforce.ibmcloud.com/vulnerabilities/12600XF
oval:org.mitre.oval:def:443https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A443OVAL