CVE-2003-0252

Current Description

Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines.

Basic Data

Published	August 18, 2003
Last Modified	May 03, 2018
Assigner	cve@mitre.org
Data Type	CVE
Data Format	MITRE
Data Version	4.0
Problem Type	NVD-CWE-Other
CVE Data Version	4.0

Base Metric V2

CVSS 2 - Version	2.0
CVSS 2 - Vector String	AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access Vector	NETWORK
CVSS 2 - Access Complexity	LOW
CVSS 2 - Authentication	NONE
CVSS 2 - Confidentiality Impact	COMPLETE
CVSS 2 - Availability Impact	COMPLETE
CVSS 2 - Base Score	10.0
Severity	HIGH
Exploitability Score	10.0
Impact Score	10.0
Obtain All Privilege	true
Obtain User Privilege	false
Obtain Other Privilege	false

Base Metric V3

No data provided.

Configurations

OR - Configuration 1

Cpe Version	Part	Vendor	Product	Version	Update	Edition	Language	SW Edition	Target SW	Target HW	Other
2.3	Application	Nfs	Nfs-utils	0.2	*	*	*	*	*	*	*
2.3	Application	Nfs	Nfs-utils	0.2.1	*	*	*	*	*	*	*
2.3	Application	Nfs	Nfs-utils	0.3.1	*	*	*	*	*	*	*
2.3	Application	Nfs	Nfs-utils	0.3.3	*	*	*	*	*	*	*
2.3	Application	Nfs	Nfs-utils	1.0	*	*	*	*	*	*	*
2.3	Application	Nfs	Nfs-utils	1.0.1	*	*	*	*	*	*	*
2.3	Application	Nfs	Nfs-utils	1.0.3	*	*	*	*	*	*	*

Vulnerable Software List

Vendor	Product	Versions
Nfs	Nfs-utils	0.2, 0.2.1, 0.3.1, 0.3.3, 1.0, 1.0.1, 1.0.3

References

Name	Source	URL	Tags
20030714 Linux nfs-utils xlog() off-by-one bug	http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0023.html	VULNWATCH	Vendor Advisory
20030714 Reality of the rpc.mountd bug	http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0024.html	VULNWATCH	Vendor Advisory
http://isec.pl/vulnerabilities/isec-0010-linux-nfs-utils.txt	http://isec.pl/vulnerabilities/isec-0010-linux-nfs-utils.txt	MISC
20030714 Linux nfs-utils xlog() off-by-one bug	http://marc.info/?l=bugtraq&m=105820223707191&w=2	BUGTRAQ
20030715 [slackware-security] nfs-utils packages replaced (SSA:2003-195-01b)	http://marc.info/?l=bugtraq&m=105830921519513&w=2	BUGTRAQ
20030716 Immunix Secured OS 7+ nfs-utils update -- bugtraq	http://marc.info/?l=bugtraq&m=105839032403325&w=2	BUGTRAQ
9259	http://secunia.com/advisories/9259	SECUNIA
1007187	http://securitytracker.com/id?1007187	SECTRACK
1001262	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001262.1-1	SUNALERT
DSA-349	http://www.debian.org/security/2003/dsa-349	DEBIAN
VU#258564	http://www.kb.cert.org/vuls/id/258564	CERT-VN	US Government Resource
MDKSA-2003:076	http://www.mandriva.com/security/advisories?name=MDKSA-2003:076	MANDRAKE
SuSE-SA:2003:031	http://www.novell.com/linux/security/advisories/2003_031_nfs_utils.html	SUSE
RHSA-2003:206	http://www.redhat.com/support/errata/RHSA-2003-206.html	REDHAT
RHSA-2003:207	http://www.redhat.com/support/errata/RHSA-2003-207.html	REDHAT
8179	http://www.securityfocus.com/bid/8179	BID
TLSA-2003-44	http://www.turbolinux.com/security/TLSA-2003-44.txt	TURBO
nfs-utils-offbyone-bo(12600)	https://exchange.xforce.ibmcloud.com/vulnerabilities/12600	XF
oval:org.mitre.oval:def:443	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A443	OVAL