Vulnerability-Lookup - Search a vulnerability

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

CVE-2002-1668 (GCVE-0-2002-1668)

Vulnerability from cvelistv5 – Published: 2005-06-21 04:00 – Updated: 2024-08-08 03:34

Summary

HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a "file system weakness" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/advisories/3770	vendor-advisoryx_refsource_HP
	http://www.securityfocus.com/bid/3817	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T03:34:55.912Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "HPSBUX0201-178",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/advisories/3770"
          },
          {
            "name": "3817",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/3817"
          },
          {
            "name": "hp-mmap-dos(7844)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7844"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-01-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a \"file system weakness\" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "HPSBUX0201-178",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/advisories/3770"
        },
        {
          "name": "3817",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/3817"
        },
        {
          "name": "hp-mmap-dos(7844)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7844"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-1668",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a \"file system weakness\" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "HPSBUX0201-178",
              "refsource": "HP",
              "url": "http://www.securityfocus.com/advisories/3770"
            },
            {
              "name": "3817",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/3817"
            },
            {
              "name": "hp-mmap-dos(7844)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7844"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-1668",
    "datePublished": "2005-06-21T04:00:00",
    "dateReserved": "2005-06-21T00:00:00",
    "dateUpdated": "2024-08-08T03:34:55.912Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-1332 (GCVE-0-2004-1332)

Vulnerability from cvelistv5 – Published: 2005-01-06 05:00 – Updated: 2024-08-08 00:46

Summary

Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://marc.info/?l=bugtraq&m=110797179710695&w=2	vendor-advisoryx_refsource_HP
	http://securitytracker.com/id?1012650	vdb-entryx_refsource_SECTRACK
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.securityfocus.com/bid/12077	vdb-entryx_refsource_BID
	http://marc.info/?l=bugtraq&m=110797179710695&w=2	vendor-advisoryx_refsource_HP
	http://www.kb.cert.org/vuls/id/647438	third-party-advisoryx_refsource_CERT-VN
	http://secunia.com/advisories/13608	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.idefense.com/application/poi/display?i…	third-party-advisoryx_refsource_IDEFENSE

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:46:12.355Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "HPSBUX01118",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
          },
          {
            "name": "1012650",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1012650"
          },
          {
            "name": "oval:org.mitre.oval:def:5701",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701"
          },
          {
            "name": "12077",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12077"
          },
          {
            "name": "SSRT4883",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
          },
          {
            "name": "VU#647438",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/647438"
          },
          {
            "name": "13608",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/13608"
          },
          {
            "name": "hp-ftpd-bo(18636)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18636"
          },
          {
            "name": "20041221 Hewlett Packard HP-UX ftpd Remote Buffer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://www.idefense.com/application/poi/display?id=175\u0026type=vulnerabilities\u0026flashstatus=false"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-12-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "HPSBUX01118",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
        },
        {
          "name": "1012650",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1012650"
        },
        {
          "name": "oval:org.mitre.oval:def:5701",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701"
        },
        {
          "name": "12077",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12077"
        },
        {
          "name": "SSRT4883",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
        },
        {
          "name": "VU#647438",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/647438"
        },
        {
          "name": "13608",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/13608"
        },
        {
          "name": "hp-ftpd-bo(18636)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18636"
        },
        {
          "name": "20041221 Hewlett Packard HP-UX ftpd Remote Buffer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://www.idefense.com/application/poi/display?id=175\u0026type=vulnerabilities\u0026flashstatus=false"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1332",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "HPSBUX01118",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
            },
            {
              "name": "1012650",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1012650"
            },
            {
              "name": "oval:org.mitre.oval:def:5701",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701"
            },
            {
              "name": "12077",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12077"
            },
            {
              "name": "SSRT4883",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
            },
            {
              "name": "VU#647438",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/647438"
            },
            {
              "name": "13608",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/13608"
            },
            {
              "name": "hp-ftpd-bo(18636)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18636"
            },
            {
              "name": "20041221 Hewlett Packard HP-UX ftpd Remote Buffer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://www.idefense.com/application/poi/display?id=175\u0026type=vulnerabilities\u0026flashstatus=false"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1332",
    "datePublished": "2005-01-06T05:00:00",
    "dateReserved": "2005-01-06T00:00:00",
    "dateUpdated": "2024-08-08T00:46:12.355Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2003-0161 (GCVE-0-2003-0161)

Vulnerability from cvelistv5 – Published: 2003-04-01 05:00 – Updated: 2024-08-08 01:43

Summary

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	ftp://patches.sgi.com/support/free/security/advis…	vendor-advisoryx_refsource_SGI
	http://www.securityfocus.com/bid/7230	vdb-entryx_refsource_BID
	http://marc.info/?l=bugtraq&m=104914999806315&w=2	mailing-listx_refsource_BUGTRAQ
	http://www.redhat.com/support/errata/RHSA-2003-120.html	vendor-advisoryx_refsource_REDHAT
	http://www.securityfocus.com/archive/1/317135/30/…	mailing-listx_refsource_BUGTRAQ
	http://www.debian.org/security/2003/dsa-278	vendor-advisoryx_refsource_DEBIAN
	http://www.debian.org/security/2003/dsa-290	vendor-advisoryx_refsource_DEBIAN
	http://www.securityfocus.com/archive/1/317135/30/…	vendor-advisoryx_refsource_IMMUNIX
	http://lists.apple.com/mhonarc/security-announce/…	x_refsource_CONFIRM
	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	http://www.cert.org/advisories/CA-2003-12.html	third-party-advisoryx_refsource_CERT
	ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA…	vendor-advisoryx_refsource_CALDERA
	http://www.securityfocus.com/archive/1/316961/30/…	mailing-listx_refsource_BUGTRAQ
	http://www.redhat.com/support/errata/RHSA-2003-121.html	vendor-advisoryx_refsource_REDHAT
	http://distro.conectiva.com.br/atualizacoes/?id=a…	vendor-advisoryx_refsource_CONECTIVA
	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-20…	vendor-advisoryx_refsource_SCO
	http://www.gentoo.org/security/en/glsa/glsa-20030…	vendor-advisoryx_refsource_GENTOO
	http://lists.grok.org.uk/pipermail/full-disclosur…	mailing-listx_refsource_FULLDISC
	http://marc.info/?l=bugtraq&m=104897487512238&w=2	mailing-listx_refsource_BUGTRAQ
	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories…	vendor-advisoryx_refsource_FREEBSD
	http://www.securityfocus.com/archive/1/321997	mailing-listx_refsource_BUGTRAQ
	http://marc.info/?l=bugtraq&m=104896621106790&w=2	mailing-listx_refsource_BUGTRAQ
	http://www.kb.cert.org/vuls/id/897604	third-party-advisoryx_refsource_CERT-VN

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:43:36.017Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1001088",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1"
          },
          {
            "name": "52620",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1"
          },
          {
            "name": "20030401-01-P",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20030401-01-P"
          },
          {
            "name": "7230",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/7230"
          },
          {
            "name": "20030330 [OpenPKG-SA-2003.027] OpenPKG Security Advisory (sendmail)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104914999806315\u0026w=2"
          },
          {
            "name": "RHSA-2003:120",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-120.html"
          },
          {
            "name": "20030401 Immunix Secured OS 7+ openssl update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
          },
          {
            "name": "DSA-278",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2003/dsa-278"
          },
          {
            "name": "DSA-290",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2003/dsa-290"
          },
          {
            "name": "IMNX-2003-7+-002-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_IMMUNIX",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/mhonarc/security-announce/msg00028.html"
          },
          {
            "name": "52700",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1"
          },
          {
            "name": "CA-2003-12",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.cert.org/advisories/CA-2003-12.html"
          },
          {
            "name": "CSSA-2003-016.0",
            "tags": [
              "vendor-advisory",
              "x_refsource_CALDERA",
              "x_transferred"
            ],
            "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-016.0.txt"
          },
          {
            "name": "20030331 GLSA: sendmail (200303-27)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/316961/30/25250/threaded"
          },
          {
            "name": "RHSA-2003:121",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-121.html"
          },
          {
            "name": "CLA-2003:614",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000614"
          },
          {
            "name": "SCOSA-2004.11",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt"
          },
          {
            "name": "GLSA-200303-27",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-27.xml"
          },
          {
            "name": "20030329 Sendmail: -1 gone wild",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004295.html"
          },
          {
            "name": "20030329 Sendmail: -1 gone wild",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104897487512238\u0026w=2"
          },
          {
            "name": "FreeBSD-SA-03:07",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc"
          },
          {
            "name": "20030520 [Fwd: 127 Research and Development: 127 Day!]",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/321997"
          },
          {
            "name": "20030329 sendmail 8.12.9 available",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104896621106790\u0026w=2"
          },
          {
            "name": "VU#897604",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/897604"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-03-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special \"NOCHAR\" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1001088",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1"
        },
        {
          "name": "52620",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1"
        },
        {
          "name": "20030401-01-P",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20030401-01-P"
        },
        {
          "name": "7230",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/7230"
        },
        {
          "name": "20030330 [OpenPKG-SA-2003.027] OpenPKG Security Advisory (sendmail)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104914999806315\u0026w=2"
        },
        {
          "name": "RHSA-2003:120",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-120.html"
        },
        {
          "name": "20030401 Immunix Secured OS 7+ openssl update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
        },
        {
          "name": "DSA-278",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2003/dsa-278"
        },
        {
          "name": "DSA-290",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2003/dsa-290"
        },
        {
          "name": "IMNX-2003-7+-002-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_IMMUNIX"
          ],
          "url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://lists.apple.com/mhonarc/security-announce/msg00028.html"
        },
        {
          "name": "52700",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1"
        },
        {
          "name": "CA-2003-12",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.cert.org/advisories/CA-2003-12.html"
        },
        {
          "name": "CSSA-2003-016.0",
          "tags": [
            "vendor-advisory",
            "x_refsource_CALDERA"
          ],
          "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-016.0.txt"
        },
        {
          "name": "20030331 GLSA: sendmail (200303-27)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/316961/30/25250/threaded"
        },
        {
          "name": "RHSA-2003:121",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-121.html"
        },
        {
          "name": "CLA-2003:614",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000614"
        },
        {
          "name": "SCOSA-2004.11",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt"
        },
        {
          "name": "GLSA-200303-27",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-27.xml"
        },
        {
          "name": "20030329 Sendmail: -1 gone wild",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004295.html"
        },
        {
          "name": "20030329 Sendmail: -1 gone wild",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104897487512238\u0026w=2"
        },
        {
          "name": "FreeBSD-SA-03:07",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc"
        },
        {
          "name": "20030520 [Fwd: 127 Research and Development: 127 Day!]",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/321997"
        },
        {
          "name": "20030329 sendmail 8.12.9 available",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104896621106790\u0026w=2"
        },
        {
          "name": "VU#897604",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/897604"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0161",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special \"NOCHAR\" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1001088",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1"
            },
            {
              "name": "52620",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1"
            },
            {
              "name": "20030401-01-P",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20030401-01-P"
            },
            {
              "name": "7230",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/7230"
            },
            {
              "name": "20030330 [OpenPKG-SA-2003.027] OpenPKG Security Advisory (sendmail)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=104914999806315\u0026w=2"
            },
            {
              "name": "RHSA-2003:120",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-120.html"
            },
            {
              "name": "20030401 Immunix Secured OS 7+ openssl update",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
            },
            {
              "name": "DSA-278",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2003/dsa-278"
            },
            {
              "name": "DSA-290",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2003/dsa-290"
            },
            {
              "name": "IMNX-2003-7+-002-01",
              "refsource": "IMMUNIX",
              "url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
            },
            {
              "name": "http://lists.apple.com/mhonarc/security-announce/msg00028.html",
              "refsource": "CONFIRM",
              "url": "http://lists.apple.com/mhonarc/security-announce/msg00028.html"
            },
            {
              "name": "52700",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1"
            },
            {
              "name": "CA-2003-12",
              "refsource": "CERT",
              "url": "http://www.cert.org/advisories/CA-2003-12.html"
            },
            {
              "name": "CSSA-2003-016.0",
              "refsource": "CALDERA",
              "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-016.0.txt"
            },
            {
              "name": "20030331 GLSA: sendmail (200303-27)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/316961/30/25250/threaded"
            },
            {
              "name": "RHSA-2003:121",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-121.html"
            },
            {
              "name": "CLA-2003:614",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000614"
            },
            {
              "name": "SCOSA-2004.11",
              "refsource": "SCO",
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt"
            },
            {
              "name": "GLSA-200303-27",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-27.xml"
            },
            {
              "name": "20030329 Sendmail: -1 gone wild",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004295.html"
            },
            {
              "name": "20030329 Sendmail: -1 gone wild",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=104897487512238\u0026w=2"
            },
            {
              "name": "FreeBSD-SA-03:07",
              "refsource": "FREEBSD",
              "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc"
            },
            {
              "name": "20030520 [Fwd: 127 Research and Development: 127 Day!]",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/321997"
            },
            {
              "name": "20030329 sendmail 8.12.9 available",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=104896621106790\u0026w=2"
            },
            {
              "name": "VU#897604",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/897604"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0161",
    "datePublished": "2003-04-01T05:00:00",
    "dateReserved": "2003-03-24T00:00:00",
    "dateUpdated": "2024-08-08T01:43:36.017Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2003-0028 (GCVE-0-2003-0028)

Vulnerability from cvelistv5 – Published: 2003-03-21 05:00 – Updated: 2024-08-08 01:36

Summary

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.linuxsecurity.com/advisories/engarde_a…	vendor-advisoryx_refsource_ENGARDE
	http://archives.neohapsis.com/archives/vulnwatch/…	mailing-listx_refsource_VULNWATCH
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRAKE
	http://www.redhat.com/support/errata/RHSA-2003-052.html	vendor-advisoryx_refsource_REDHAT
	http://www.cert.org/advisories/CA-2003-10.html	third-party-advisoryx_refsource_CERT
	https://security.netapp.com/advisory/ntap-2015012…	x_refsource_CONFIRM
	http://www.debian.org/security/2003/dsa-282	vendor-advisoryx_refsource_DEBIAN
	http://www.securityfocus.com/archive/1/316960/30/…	mailing-listx_refsource_BUGTRAQ
	http://www.novell.com/linux/security/advisories/2…	vendor-advisoryx_refsource_SUSE
	http://www.securityfocus.com/archive/1/315638/30/…	mailing-listx_refsource_BUGTRAQ
	http://www.redhat.com/support/errata/RHSA-2003-091.html	vendor-advisoryx_refsource_REDHAT
	http://www.eeye.com/html/Research/Advisories/AD20…	third-party-advisoryx_refsource_EEYE
	http://www.kb.cert.org/vuls/id/516825	third-party-advisoryx_refsource_CERT-VN
	http://marc.info/?l=bugtraq&m=104860855114117&w=2	mailing-listx_refsource_BUGTRAQ
	ftp://ftp.netbsd.org/pub/NetBSD/security/advisori…	vendor-advisoryx_refsource_NETBSD
	http://marc.info/?l=bugtraq&m=104878237121402&w=2	vendor-advisoryx_refsource_TRUSTIX
	http://www.securityfocus.com/archive/1/316931/30/…	mailing-listx_refsource_BUGTRAQ
	http://www.redhat.com/support/errata/RHSA-2003-051.html	vendor-advisoryx_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=104810574423662&w=2	mailing-listx_refsource_BUGTRAQ
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.debian.org/security/2003/dsa-266	vendor-advisoryx_refsource_DEBIAN
	http://www.redhat.com/support/errata/RHSA-2003-089.html	vendor-advisoryx_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=104811415301340&w=2	mailing-listx_refsource_BUGTRAQ
	http://marc.info/?l=bugtraq&m=105362148313082&w=2	mailing-listx_refsource_BUGTRAQ
	http://www.debian.org/security/2003/dsa-272	vendor-advisoryx_refsource_DEBIAN

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:36:25.372Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ESA-20030321-010",
            "tags": [
              "vendor-advisory",
              "x_refsource_ENGARDE",
              "x_transferred"
            ],
            "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html"
          },
          {
            "name": "20030319 EEYE: XDR Integer Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html"
          },
          {
            "name": "MDKSA-2003:037",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:037"
          },
          {
            "name": "RHSA-2003:052",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-052.html"
          },
          {
            "name": "CA-2003-10",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.cert.org/advisories/CA-2003-10.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20150122-0002/"
          },
          {
            "name": "DSA-282",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2003/dsa-282"
          },
          {
            "name": "20030331 GLSA: krb5 \u0026 mit-krb5 (200303-28)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/316960/30/25250/threaded"
          },
          {
            "name": "SuSE-SA:2003:027",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2003_027_glibc.html"
          },
          {
            "name": "20030319 RE: EEYE: XDR Integer Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/315638/30/25430/threaded"
          },
          {
            "name": "RHSA-2003:091",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-091.html"
          },
          {
            "name": "AD20030318",
            "tags": [
              "third-party-advisory",
              "x_refsource_EEYE",
              "x_transferred"
            ],
            "url": "http://www.eeye.com/html/Research/Advisories/AD20030318.html"
          },
          {
            "name": "VU#516825",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/516825"
          },
          {
            "name": "20030325 GLSA:  glibc (200303-22)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104860855114117\u0026w=2"
          },
          {
            "name": "NetBSD-SA2003-008",
            "tags": [
              "vendor-advisory",
              "x_refsource_NETBSD",
              "x_transferred"
            ],
            "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc"
          },
          {
            "name": "2003-0014",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104878237121402\u0026w=2"
          },
          {
            "name": "20030331 GLSA: dietlibc (200303-29)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/316931/30/25250/threaded"
          },
          {
            "name": "RHSA-2003:051",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-051.html"
          },
          {
            "name": "20030319 EEYE: XDR Integer Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104810574423662\u0026w=2"
          },
          {
            "name": "oval:org.mitre.oval:def:230",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230"
          },
          {
            "name": "DSA-266",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2003/dsa-266"
          },
          {
            "name": "RHSA-2003:089",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-089.html"
          },
          {
            "name": "20030319 MITKRB5-SA-2003-003: faulty length checks in xdrmem_getbytes",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104811415301340\u0026w=2"
          },
          {
            "name": "20030522 [slackware-security]  glibc XDR overflow fix (SSA:2003-141-03)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=105362148313082\u0026w=2"
          },
          {
            "name": "DSA-272",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2003/dsa-272"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-03-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ESA-20030321-010",
          "tags": [
            "vendor-advisory",
            "x_refsource_ENGARDE"
          ],
          "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html"
        },
        {
          "name": "20030319 EEYE: XDR Integer Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html"
        },
        {
          "name": "MDKSA-2003:037",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:037"
        },
        {
          "name": "RHSA-2003:052",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-052.html"
        },
        {
          "name": "CA-2003-10",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.cert.org/advisories/CA-2003-10.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20150122-0002/"
        },
        {
          "name": "DSA-282",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2003/dsa-282"
        },
        {
          "name": "20030331 GLSA: krb5 \u0026 mit-krb5 (200303-28)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/316960/30/25250/threaded"
        },
        {
          "name": "SuSE-SA:2003:027",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2003_027_glibc.html"
        },
        {
          "name": "20030319 RE: EEYE: XDR Integer Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/315638/30/25430/threaded"
        },
        {
          "name": "RHSA-2003:091",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-091.html"
        },
        {
          "name": "AD20030318",
          "tags": [
            "third-party-advisory",
            "x_refsource_EEYE"
          ],
          "url": "http://www.eeye.com/html/Research/Advisories/AD20030318.html"
        },
        {
          "name": "VU#516825",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/516825"
        },
        {
          "name": "20030325 GLSA:  glibc (200303-22)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104860855114117\u0026w=2"
        },
        {
          "name": "NetBSD-SA2003-008",
          "tags": [
            "vendor-advisory",
            "x_refsource_NETBSD"
          ],
          "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc"
        },
        {
          "name": "2003-0014",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104878237121402\u0026w=2"
        },
        {
          "name": "20030331 GLSA: dietlibc (200303-29)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/316931/30/25250/threaded"
        },
        {
          "name": "RHSA-2003:051",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-051.html"
        },
        {
          "name": "20030319 EEYE: XDR Integer Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104810574423662\u0026w=2"
        },
        {
          "name": "oval:org.mitre.oval:def:230",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230"
        },
        {
          "name": "DSA-266",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2003/dsa-266"
        },
        {
          "name": "RHSA-2003:089",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-089.html"
        },
        {
          "name": "20030319 MITKRB5-SA-2003-003: faulty length checks in xdrmem_getbytes",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104811415301340\u0026w=2"
        },
        {
          "name": "20030522 [slackware-security]  glibc XDR overflow fix (SSA:2003-141-03)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=105362148313082\u0026w=2"
        },
        {
          "name": "DSA-272",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2003/dsa-272"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0028",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ESA-20030321-010",
              "refsource": "ENGARDE",
              "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html"
            },
            {
              "name": "20030319 EEYE: XDR Integer Overflow",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html"
            },
            {
              "name": "MDKSA-2003:037",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:037"
            },
            {
              "name": "RHSA-2003:052",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-052.html"
            },
            {
              "name": "CA-2003-10",
              "refsource": "CERT",
              "url": "http://www.cert.org/advisories/CA-2003-10.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20150122-0002/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20150122-0002/"
            },
            {
              "name": "DSA-282",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2003/dsa-282"
            },
            {
              "name": "20030331 GLSA: krb5 \u0026 mit-krb5 (200303-28)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/316960/30/25250/threaded"
            },
            {
              "name": "SuSE-SA:2003:027",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2003_027_glibc.html"
            },
            {
              "name": "20030319 RE: EEYE: XDR Integer Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/315638/30/25430/threaded"
            },
            {
              "name": "RHSA-2003:091",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-091.html"
            },
            {
              "name": "AD20030318",
              "refsource": "EEYE",
              "url": "http://www.eeye.com/html/Research/Advisories/AD20030318.html"
            },
            {
              "name": "VU#516825",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/516825"
            },
            {
              "name": "20030325 GLSA:  glibc (200303-22)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=104860855114117\u0026w=2"
            },
            {
              "name": "NetBSD-SA2003-008",
              "refsource": "NETBSD",
              "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc"
            },
            {
              "name": "2003-0014",
              "refsource": "TRUSTIX",
              "url": "http://marc.info/?l=bugtraq\u0026m=104878237121402\u0026w=2"
            },
            {
              "name": "20030331 GLSA: dietlibc (200303-29)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/316931/30/25250/threaded"
            },
            {
              "name": "RHSA-2003:051",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-051.html"
            },
            {
              "name": "20030319 EEYE: XDR Integer Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=104810574423662\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:230",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230"
            },
            {
              "name": "DSA-266",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2003/dsa-266"
            },
            {
              "name": "RHSA-2003:089",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-089.html"
            },
            {
              "name": "20030319 MITKRB5-SA-2003-003: faulty length checks in xdrmem_getbytes",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=104811415301340\u0026w=2"
            },
            {
              "name": "20030522 [slackware-security]  glibc XDR overflow fix (SSA:2003-141-03)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=105362148313082\u0026w=2"
            },
            {
              "name": "DSA-272",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2003/dsa-272"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0028",
    "datePublished": "2003-03-21T05:00:00",
    "dateReserved": "2003-01-10T00:00:00",
    "dateUpdated": "2024-08-08T01:36:25.372Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2002-1668 (GCVE-0-2002-1668)

Vulnerability from nvd – Published: 2005-06-21 04:00 – Updated: 2024-08-08 03:34

Summary

HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a "file system weakness" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/advisories/3770	vendor-advisoryx_refsource_HP
	http://www.securityfocus.com/bid/3817	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T03:34:55.912Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "HPSBUX0201-178",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/advisories/3770"
          },
          {
            "name": "3817",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/3817"
          },
          {
            "name": "hp-mmap-dos(7844)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7844"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-01-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a \"file system weakness\" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "HPSBUX0201-178",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/advisories/3770"
        },
        {
          "name": "3817",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/3817"
        },
        {
          "name": "hp-mmap-dos(7844)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7844"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-1668",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a \"file system weakness\" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "HPSBUX0201-178",
              "refsource": "HP",
              "url": "http://www.securityfocus.com/advisories/3770"
            },
            {
              "name": "3817",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/3817"
            },
            {
              "name": "hp-mmap-dos(7844)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7844"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-1668",
    "datePublished": "2005-06-21T04:00:00",
    "dateReserved": "2005-06-21T00:00:00",
    "dateUpdated": "2024-08-08T03:34:55.912Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-1332 (GCVE-0-2004-1332)

Vulnerability from nvd – Published: 2005-01-06 05:00 – Updated: 2024-08-08 00:46

Summary

Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://marc.info/?l=bugtraq&m=110797179710695&w=2	vendor-advisoryx_refsource_HP
	http://securitytracker.com/id?1012650	vdb-entryx_refsource_SECTRACK
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.securityfocus.com/bid/12077	vdb-entryx_refsource_BID
	http://marc.info/?l=bugtraq&m=110797179710695&w=2	vendor-advisoryx_refsource_HP
	http://www.kb.cert.org/vuls/id/647438	third-party-advisoryx_refsource_CERT-VN
	http://secunia.com/advisories/13608	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.idefense.com/application/poi/display?i…	third-party-advisoryx_refsource_IDEFENSE

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:46:12.355Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "HPSBUX01118",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
          },
          {
            "name": "1012650",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1012650"
          },
          {
            "name": "oval:org.mitre.oval:def:5701",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701"
          },
          {
            "name": "12077",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12077"
          },
          {
            "name": "SSRT4883",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
          },
          {
            "name": "VU#647438",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/647438"
          },
          {
            "name": "13608",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/13608"
          },
          {
            "name": "hp-ftpd-bo(18636)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18636"
          },
          {
            "name": "20041221 Hewlett Packard HP-UX ftpd Remote Buffer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://www.idefense.com/application/poi/display?id=175\u0026type=vulnerabilities\u0026flashstatus=false"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-12-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "HPSBUX01118",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
        },
        {
          "name": "1012650",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1012650"
        },
        {
          "name": "oval:org.mitre.oval:def:5701",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701"
        },
        {
          "name": "12077",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12077"
        },
        {
          "name": "SSRT4883",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
        },
        {
          "name": "VU#647438",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/647438"
        },
        {
          "name": "13608",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/13608"
        },
        {
          "name": "hp-ftpd-bo(18636)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18636"
        },
        {
          "name": "20041221 Hewlett Packard HP-UX ftpd Remote Buffer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://www.idefense.com/application/poi/display?id=175\u0026type=vulnerabilities\u0026flashstatus=false"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1332",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "HPSBUX01118",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
            },
            {
              "name": "1012650",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1012650"
            },
            {
              "name": "oval:org.mitre.oval:def:5701",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701"
            },
            {
              "name": "12077",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12077"
            },
            {
              "name": "SSRT4883",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
            },
            {
              "name": "VU#647438",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/647438"
            },
            {
              "name": "13608",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/13608"
            },
            {
              "name": "hp-ftpd-bo(18636)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18636"
            },
            {
              "name": "20041221 Hewlett Packard HP-UX ftpd Remote Buffer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://www.idefense.com/application/poi/display?id=175\u0026type=vulnerabilities\u0026flashstatus=false"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1332",
    "datePublished": "2005-01-06T05:00:00",
    "dateReserved": "2005-01-06T00:00:00",
    "dateUpdated": "2024-08-08T00:46:12.355Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2003-0161 (GCVE-0-2003-0161)

Vulnerability from nvd – Published: 2003-04-01 05:00 – Updated: 2024-08-08 01:43

Summary

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	ftp://patches.sgi.com/support/free/security/advis…	vendor-advisoryx_refsource_SGI
	http://www.securityfocus.com/bid/7230	vdb-entryx_refsource_BID
	http://marc.info/?l=bugtraq&m=104914999806315&w=2	mailing-listx_refsource_BUGTRAQ
	http://www.redhat.com/support/errata/RHSA-2003-120.html	vendor-advisoryx_refsource_REDHAT
	http://www.securityfocus.com/archive/1/317135/30/…	mailing-listx_refsource_BUGTRAQ
	http://www.debian.org/security/2003/dsa-278	vendor-advisoryx_refsource_DEBIAN
	http://www.debian.org/security/2003/dsa-290	vendor-advisoryx_refsource_DEBIAN
	http://www.securityfocus.com/archive/1/317135/30/…	vendor-advisoryx_refsource_IMMUNIX
	http://lists.apple.com/mhonarc/security-announce/…	x_refsource_CONFIRM
	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	http://www.cert.org/advisories/CA-2003-12.html	third-party-advisoryx_refsource_CERT
	ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA…	vendor-advisoryx_refsource_CALDERA
	http://www.securityfocus.com/archive/1/316961/30/…	mailing-listx_refsource_BUGTRAQ
	http://www.redhat.com/support/errata/RHSA-2003-121.html	vendor-advisoryx_refsource_REDHAT
	http://distro.conectiva.com.br/atualizacoes/?id=a…	vendor-advisoryx_refsource_CONECTIVA
	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-20…	vendor-advisoryx_refsource_SCO
	http://www.gentoo.org/security/en/glsa/glsa-20030…	vendor-advisoryx_refsource_GENTOO
	http://lists.grok.org.uk/pipermail/full-disclosur…	mailing-listx_refsource_FULLDISC
	http://marc.info/?l=bugtraq&m=104897487512238&w=2	mailing-listx_refsource_BUGTRAQ
	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories…	vendor-advisoryx_refsource_FREEBSD
	http://www.securityfocus.com/archive/1/321997	mailing-listx_refsource_BUGTRAQ
	http://marc.info/?l=bugtraq&m=104896621106790&w=2	mailing-listx_refsource_BUGTRAQ
	http://www.kb.cert.org/vuls/id/897604	third-party-advisoryx_refsource_CERT-VN

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:43:36.017Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1001088",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1"
          },
          {
            "name": "52620",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1"
          },
          {
            "name": "20030401-01-P",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20030401-01-P"
          },
          {
            "name": "7230",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/7230"
          },
          {
            "name": "20030330 [OpenPKG-SA-2003.027] OpenPKG Security Advisory (sendmail)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104914999806315\u0026w=2"
          },
          {
            "name": "RHSA-2003:120",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-120.html"
          },
          {
            "name": "20030401 Immunix Secured OS 7+ openssl update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
          },
          {
            "name": "DSA-278",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2003/dsa-278"
          },
          {
            "name": "DSA-290",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2003/dsa-290"
          },
          {
            "name": "IMNX-2003-7+-002-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_IMMUNIX",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/mhonarc/security-announce/msg00028.html"
          },
          {
            "name": "52700",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1"
          },
          {
            "name": "CA-2003-12",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.cert.org/advisories/CA-2003-12.html"
          },
          {
            "name": "CSSA-2003-016.0",
            "tags": [
              "vendor-advisory",
              "x_refsource_CALDERA",
              "x_transferred"
            ],
            "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-016.0.txt"
          },
          {
            "name": "20030331 GLSA: sendmail (200303-27)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/316961/30/25250/threaded"
          },
          {
            "name": "RHSA-2003:121",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-121.html"
          },
          {
            "name": "CLA-2003:614",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000614"
          },
          {
            "name": "SCOSA-2004.11",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt"
          },
          {
            "name": "GLSA-200303-27",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-27.xml"
          },
          {
            "name": "20030329 Sendmail: -1 gone wild",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004295.html"
          },
          {
            "name": "20030329 Sendmail: -1 gone wild",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104897487512238\u0026w=2"
          },
          {
            "name": "FreeBSD-SA-03:07",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc"
          },
          {
            "name": "20030520 [Fwd: 127 Research and Development: 127 Day!]",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/321997"
          },
          {
            "name": "20030329 sendmail 8.12.9 available",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104896621106790\u0026w=2"
          },
          {
            "name": "VU#897604",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/897604"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-03-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special \"NOCHAR\" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1001088",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1"
        },
        {
          "name": "52620",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1"
        },
        {
          "name": "20030401-01-P",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20030401-01-P"
        },
        {
          "name": "7230",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/7230"
        },
        {
          "name": "20030330 [OpenPKG-SA-2003.027] OpenPKG Security Advisory (sendmail)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104914999806315\u0026w=2"
        },
        {
          "name": "RHSA-2003:120",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-120.html"
        },
        {
          "name": "20030401 Immunix Secured OS 7+ openssl update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
        },
        {
          "name": "DSA-278",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2003/dsa-278"
        },
        {
          "name": "DSA-290",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2003/dsa-290"
        },
        {
          "name": "IMNX-2003-7+-002-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_IMMUNIX"
          ],
          "url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://lists.apple.com/mhonarc/security-announce/msg00028.html"
        },
        {
          "name": "52700",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1"
        },
        {
          "name": "CA-2003-12",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.cert.org/advisories/CA-2003-12.html"
        },
        {
          "name": "CSSA-2003-016.0",
          "tags": [
            "vendor-advisory",
            "x_refsource_CALDERA"
          ],
          "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-016.0.txt"
        },
        {
          "name": "20030331 GLSA: sendmail (200303-27)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/316961/30/25250/threaded"
        },
        {
          "name": "RHSA-2003:121",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-121.html"
        },
        {
          "name": "CLA-2003:614",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000614"
        },
        {
          "name": "SCOSA-2004.11",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt"
        },
        {
          "name": "GLSA-200303-27",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-27.xml"
        },
        {
          "name": "20030329 Sendmail: -1 gone wild",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004295.html"
        },
        {
          "name": "20030329 Sendmail: -1 gone wild",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104897487512238\u0026w=2"
        },
        {
          "name": "FreeBSD-SA-03:07",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc"
        },
        {
          "name": "20030520 [Fwd: 127 Research and Development: 127 Day!]",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/321997"
        },
        {
          "name": "20030329 sendmail 8.12.9 available",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104896621106790\u0026w=2"
        },
        {
          "name": "VU#897604",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/897604"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0161",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special \"NOCHAR\" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1001088",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1"
            },
            {
              "name": "52620",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1"
            },
            {
              "name": "20030401-01-P",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20030401-01-P"
            },
            {
              "name": "7230",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/7230"
            },
            {
              "name": "20030330 [OpenPKG-SA-2003.027] OpenPKG Security Advisory (sendmail)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=104914999806315\u0026w=2"
            },
            {
              "name": "RHSA-2003:120",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-120.html"
            },
            {
              "name": "20030401 Immunix Secured OS 7+ openssl update",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
            },
            {
              "name": "DSA-278",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2003/dsa-278"
            },
            {
              "name": "DSA-290",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2003/dsa-290"
            },
            {
              "name": "IMNX-2003-7+-002-01",
              "refsource": "IMMUNIX",
              "url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
            },
            {
              "name": "http://lists.apple.com/mhonarc/security-announce/msg00028.html",
              "refsource": "CONFIRM",
              "url": "http://lists.apple.com/mhonarc/security-announce/msg00028.html"
            },
            {
              "name": "52700",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1"
            },
            {
              "name": "CA-2003-12",
              "refsource": "CERT",
              "url": "http://www.cert.org/advisories/CA-2003-12.html"
            },
            {
              "name": "CSSA-2003-016.0",
              "refsource": "CALDERA",
              "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-016.0.txt"
            },
            {
              "name": "20030331 GLSA: sendmail (200303-27)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/316961/30/25250/threaded"
            },
            {
              "name": "RHSA-2003:121",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-121.html"
            },
            {
              "name": "CLA-2003:614",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000614"
            },
            {
              "name": "SCOSA-2004.11",
              "refsource": "SCO",
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt"
            },
            {
              "name": "GLSA-200303-27",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-27.xml"
            },
            {
              "name": "20030329 Sendmail: -1 gone wild",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004295.html"
            },
            {
              "name": "20030329 Sendmail: -1 gone wild",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=104897487512238\u0026w=2"
            },
            {
              "name": "FreeBSD-SA-03:07",
              "refsource": "FREEBSD",
              "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc"
            },
            {
              "name": "20030520 [Fwd: 127 Research and Development: 127 Day!]",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/321997"
            },
            {
              "name": "20030329 sendmail 8.12.9 available",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=104896621106790\u0026w=2"
            },
            {
              "name": "VU#897604",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/897604"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0161",
    "datePublished": "2003-04-01T05:00:00",
    "dateReserved": "2003-03-24T00:00:00",
    "dateUpdated": "2024-08-08T01:43:36.017Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2003-0028 (GCVE-0-2003-0028)

Vulnerability from nvd – Published: 2003-03-21 05:00 – Updated: 2024-08-08 01:36

Summary

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.linuxsecurity.com/advisories/engarde_a…	vendor-advisoryx_refsource_ENGARDE
	http://archives.neohapsis.com/archives/vulnwatch/…	mailing-listx_refsource_VULNWATCH
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRAKE
	http://www.redhat.com/support/errata/RHSA-2003-052.html	vendor-advisoryx_refsource_REDHAT
	http://www.cert.org/advisories/CA-2003-10.html	third-party-advisoryx_refsource_CERT
	https://security.netapp.com/advisory/ntap-2015012…	x_refsource_CONFIRM
	http://www.debian.org/security/2003/dsa-282	vendor-advisoryx_refsource_DEBIAN
	http://www.securityfocus.com/archive/1/316960/30/…	mailing-listx_refsource_BUGTRAQ
	http://www.novell.com/linux/security/advisories/2…	vendor-advisoryx_refsource_SUSE
	http://www.securityfocus.com/archive/1/315638/30/…	mailing-listx_refsource_BUGTRAQ
	http://www.redhat.com/support/errata/RHSA-2003-091.html	vendor-advisoryx_refsource_REDHAT
	http://www.eeye.com/html/Research/Advisories/AD20…	third-party-advisoryx_refsource_EEYE
	http://www.kb.cert.org/vuls/id/516825	third-party-advisoryx_refsource_CERT-VN
	http://marc.info/?l=bugtraq&m=104860855114117&w=2	mailing-listx_refsource_BUGTRAQ
	ftp://ftp.netbsd.org/pub/NetBSD/security/advisori…	vendor-advisoryx_refsource_NETBSD
	http://marc.info/?l=bugtraq&m=104878237121402&w=2	vendor-advisoryx_refsource_TRUSTIX
	http://www.securityfocus.com/archive/1/316931/30/…	mailing-listx_refsource_BUGTRAQ
	http://www.redhat.com/support/errata/RHSA-2003-051.html	vendor-advisoryx_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=104810574423662&w=2	mailing-listx_refsource_BUGTRAQ
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.debian.org/security/2003/dsa-266	vendor-advisoryx_refsource_DEBIAN
	http://www.redhat.com/support/errata/RHSA-2003-089.html	vendor-advisoryx_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=104811415301340&w=2	mailing-listx_refsource_BUGTRAQ
	http://marc.info/?l=bugtraq&m=105362148313082&w=2	mailing-listx_refsource_BUGTRAQ
	http://www.debian.org/security/2003/dsa-272	vendor-advisoryx_refsource_DEBIAN

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:36:25.372Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ESA-20030321-010",
            "tags": [
              "vendor-advisory",
              "x_refsource_ENGARDE",
              "x_transferred"
            ],
            "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html"
          },
          {
            "name": "20030319 EEYE: XDR Integer Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html"
          },
          {
            "name": "MDKSA-2003:037",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:037"
          },
          {
            "name": "RHSA-2003:052",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-052.html"
          },
          {
            "name": "CA-2003-10",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.cert.org/advisories/CA-2003-10.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20150122-0002/"
          },
          {
            "name": "DSA-282",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2003/dsa-282"
          },
          {
            "name": "20030331 GLSA: krb5 \u0026 mit-krb5 (200303-28)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/316960/30/25250/threaded"
          },
          {
            "name": "SuSE-SA:2003:027",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2003_027_glibc.html"
          },
          {
            "name": "20030319 RE: EEYE: XDR Integer Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/315638/30/25430/threaded"
          },
          {
            "name": "RHSA-2003:091",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-091.html"
          },
          {
            "name": "AD20030318",
            "tags": [
              "third-party-advisory",
              "x_refsource_EEYE",
              "x_transferred"
            ],
            "url": "http://www.eeye.com/html/Research/Advisories/AD20030318.html"
          },
          {
            "name": "VU#516825",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/516825"
          },
          {
            "name": "20030325 GLSA:  glibc (200303-22)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104860855114117\u0026w=2"
          },
          {
            "name": "NetBSD-SA2003-008",
            "tags": [
              "vendor-advisory",
              "x_refsource_NETBSD",
              "x_transferred"
            ],
            "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc"
          },
          {
            "name": "2003-0014",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104878237121402\u0026w=2"
          },
          {
            "name": "20030331 GLSA: dietlibc (200303-29)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/316931/30/25250/threaded"
          },
          {
            "name": "RHSA-2003:051",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-051.html"
          },
          {
            "name": "20030319 EEYE: XDR Integer Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104810574423662\u0026w=2"
          },
          {
            "name": "oval:org.mitre.oval:def:230",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230"
          },
          {
            "name": "DSA-266",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2003/dsa-266"
          },
          {
            "name": "RHSA-2003:089",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-089.html"
          },
          {
            "name": "20030319 MITKRB5-SA-2003-003: faulty length checks in xdrmem_getbytes",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104811415301340\u0026w=2"
          },
          {
            "name": "20030522 [slackware-security]  glibc XDR overflow fix (SSA:2003-141-03)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=105362148313082\u0026w=2"
          },
          {
            "name": "DSA-272",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2003/dsa-272"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-03-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ESA-20030321-010",
          "tags": [
            "vendor-advisory",
            "x_refsource_ENGARDE"
          ],
          "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html"
        },
        {
          "name": "20030319 EEYE: XDR Integer Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html"
        },
        {
          "name": "MDKSA-2003:037",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:037"
        },
        {
          "name": "RHSA-2003:052",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-052.html"
        },
        {
          "name": "CA-2003-10",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.cert.org/advisories/CA-2003-10.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20150122-0002/"
        },
        {
          "name": "DSA-282",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2003/dsa-282"
        },
        {
          "name": "20030331 GLSA: krb5 \u0026 mit-krb5 (200303-28)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/316960/30/25250/threaded"
        },
        {
          "name": "SuSE-SA:2003:027",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2003_027_glibc.html"
        },
        {
          "name": "20030319 RE: EEYE: XDR Integer Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/315638/30/25430/threaded"
        },
        {
          "name": "RHSA-2003:091",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-091.html"
        },
        {
          "name": "AD20030318",
          "tags": [
            "third-party-advisory",
            "x_refsource_EEYE"
          ],
          "url": "http://www.eeye.com/html/Research/Advisories/AD20030318.html"
        },
        {
          "name": "VU#516825",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/516825"
        },
        {
          "name": "20030325 GLSA:  glibc (200303-22)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104860855114117\u0026w=2"
        },
        {
          "name": "NetBSD-SA2003-008",
          "tags": [
            "vendor-advisory",
            "x_refsource_NETBSD"
          ],
          "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc"
        },
        {
          "name": "2003-0014",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104878237121402\u0026w=2"
        },
        {
          "name": "20030331 GLSA: dietlibc (200303-29)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/316931/30/25250/threaded"
        },
        {
          "name": "RHSA-2003:051",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-051.html"
        },
        {
          "name": "20030319 EEYE: XDR Integer Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104810574423662\u0026w=2"
        },
        {
          "name": "oval:org.mitre.oval:def:230",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230"
        },
        {
          "name": "DSA-266",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2003/dsa-266"
        },
        {
          "name": "RHSA-2003:089",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-089.html"
        },
        {
          "name": "20030319 MITKRB5-SA-2003-003: faulty length checks in xdrmem_getbytes",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104811415301340\u0026w=2"
        },
        {
          "name": "20030522 [slackware-security]  glibc XDR overflow fix (SSA:2003-141-03)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=105362148313082\u0026w=2"
        },
        {
          "name": "DSA-272",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2003/dsa-272"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0028",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ESA-20030321-010",
              "refsource": "ENGARDE",
              "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html"
            },
            {
              "name": "20030319 EEYE: XDR Integer Overflow",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html"
            },
            {
              "name": "MDKSA-2003:037",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:037"
            },
            {
              "name": "RHSA-2003:052",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-052.html"
            },
            {
              "name": "CA-2003-10",
              "refsource": "CERT",
              "url": "http://www.cert.org/advisories/CA-2003-10.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20150122-0002/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20150122-0002/"
            },
            {
              "name": "DSA-282",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2003/dsa-282"
            },
            {
              "name": "20030331 GLSA: krb5 \u0026 mit-krb5 (200303-28)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/316960/30/25250/threaded"
            },
            {
              "name": "SuSE-SA:2003:027",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2003_027_glibc.html"
            },
            {
              "name": "20030319 RE: EEYE: XDR Integer Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/315638/30/25430/threaded"
            },
            {
              "name": "RHSA-2003:091",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-091.html"
            },
            {
              "name": "AD20030318",
              "refsource": "EEYE",
              "url": "http://www.eeye.com/html/Research/Advisories/AD20030318.html"
            },
            {
              "name": "VU#516825",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/516825"
            },
            {
              "name": "20030325 GLSA:  glibc (200303-22)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=104860855114117\u0026w=2"
            },
            {
              "name": "NetBSD-SA2003-008",
              "refsource": "NETBSD",
              "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc"
            },
            {
              "name": "2003-0014",
              "refsource": "TRUSTIX",
              "url": "http://marc.info/?l=bugtraq\u0026m=104878237121402\u0026w=2"
            },
            {
              "name": "20030331 GLSA: dietlibc (200303-29)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/316931/30/25250/threaded"
            },
            {
              "name": "RHSA-2003:051",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-051.html"
            },
            {
              "name": "20030319 EEYE: XDR Integer Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=104810574423662\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:230",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230"
            },
            {
              "name": "DSA-266",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2003/dsa-266"
            },
            {
              "name": "RHSA-2003:089",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-089.html"
            },
            {
              "name": "20030319 MITKRB5-SA-2003-003: faulty length checks in xdrmem_getbytes",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=104811415301340\u0026w=2"
            },
            {
              "name": "20030522 [slackware-security]  glibc XDR overflow fix (SSA:2003-141-03)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=105362148313082\u0026w=2"
            },
            {
              "name": "DSA-272",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2003/dsa-272"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0028",
    "datePublished": "2003-03-21T05:00:00",
    "dateReserved": "2003-01-10T00:00:00",
    "dateUpdated": "2024-08-08T01:36:25.372Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

FKIE_CVE-2004-1332

Vulnerability from fkie_nvd - Published: 2004-12-31 05:00 - Updated: 2025-04-03 01:03

Severity ?

Summary

Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=110797179710695&w=2
cve@mitre.org	http://secunia.com/advisories/13608	Patch
cve@mitre.org	http://securitytracker.com/id?1012650
cve@mitre.org	http://www.idefense.com/application/poi/display?id=175&type=vulnerabilities&flashstatus=false
cve@mitre.org	http://www.kb.cert.org/vuls/id/647438	Patch, Third Party Advisory, US Government Resource
cve@mitre.org	http://www.securityfocus.com/bid/12077	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/18636
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=110797179710695&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/13608	Patch
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1012650
af854a3a-2127-422b-91ae-364da2661108	http://www.idefense.com/application/poi/display?id=175&type=vulnerabilities&flashstatus=false
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/647438	Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/12077	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/18636
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701

Impacted products

Vendor	Product	Version
hp	hp-ux	10.01
hp	hp-ux	10.10
hp	hp-ux	10.20
hp	hp-ux	10.24
hp	hp-ux	11.00
hp	hp-ux	11.4
hp	hp-ux	11.11
hp	hp-ux	11.11i
hp	hp-ux	11.22
hp	hp-ux	11.23
hp	hp-ux_series_700	10.20
hp	hp-ux_series_800	10.20
hp	sis	*
hp	vvos	10.24
hp	vvos	11.04

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "53BBFE9A-6846-4625-91AC-47AA0BC0933A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "38BFA923-7D80-4F01-AF9F-6F13209948AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "4259A901-A1CF-44EE-80C4-2031D3FCADC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F038B325-A982-43FB-9146-E103CCFB5C41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.11i:*:*:*:*:*:*:*",
              "matchCriteriaId": "C10245E1-C95C-4219-92C9-888E5966ABF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBD0DC0A-ACAD-4870-9C0F-3095F2AC8CCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "32310AFE-38CC-4C6C-AE13-54C18720F2C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux_series_700:10.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B369244-5327-4946-9C49-AC93AE75866B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux_series_800:10.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40F1951-2AC6-402E-95D6-19ECC3F695F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:sis:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDC3AECB-D8A1-413E-BC9B-7245B386FCE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:vvos:10.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9B7C178-4BE6-4397-A4E2-01375E4CA978",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:vvos:11.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D462D6F-EB68-4E31-87FD-D918F5DEF3FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request."
    }
  ],
  "id": "CVE-2004-1332",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://secunia.com/advisories/13608"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1012650"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.idefense.com/application/poi/display?id=175\u0026type=vulnerabilities\u0026flashstatus=false"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/647438"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/12077"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18636"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://secunia.com/advisories/13608"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1012650"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.idefense.com/application/poi/display?id=175\u0026type=vulnerabilities\u0026flashstatus=false"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/647438"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/12077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18636"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2003-0161

Vulnerability from fkie_nvd - Published: 2003-04-02 05:00 - Updated: 2025-04-03 01:03

Severity ?

Summary

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.

References

URL	Tags
cve@mitre.org	ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-016.0.txt
cve@mitre.org	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc
cve@mitre.org	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt
cve@mitre.org	ftp://patches.sgi.com/support/free/security/advisories/20030401-01-P
cve@mitre.org	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000614
cve@mitre.org	http://lists.apple.com/mhonarc/security-announce/msg00028.html
cve@mitre.org	http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004295.html
cve@mitre.org	http://marc.info/?l=bugtraq&m=104896621106790&w=2
cve@mitre.org	http://marc.info/?l=bugtraq&m=104897487512238&w=2
cve@mitre.org	http://marc.info/?l=bugtraq&m=104914999806315&w=2
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1
cve@mitre.org	http://www.cert.org/advisories/CA-2003-12.html	Patch, Third Party Advisory, US Government Resource
cve@mitre.org	http://www.debian.org/security/2003/dsa-278
cve@mitre.org	http://www.debian.org/security/2003/dsa-290
cve@mitre.org	http://www.gentoo.org/security/en/glsa/glsa-200303-27.xml
cve@mitre.org	http://www.kb.cert.org/vuls/id/897604	US Government Resource
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2003-120.html	Patch, Vendor Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2003-121.html
cve@mitre.org	http://www.securityfocus.com/archive/1/316961/30/25250/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/317135/30/25220/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/317135/30/25220/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/321997
cve@mitre.org	http://www.securityfocus.com/bid/7230	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-016.0.txt
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20030401-01-P
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000614
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/mhonarc/security-announce/msg00028.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004295.html
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=104896621106790&w=2
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=104897487512238&w=2
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=104914999806315&w=2
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1
af854a3a-2127-422b-91ae-364da2661108	http://www.cert.org/advisories/CA-2003-12.html	Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2003/dsa-278
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2003/dsa-290
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200303-27.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/897604	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2003-120.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2003-121.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/316961/30/25250/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/317135/30/25220/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/317135/30/25220/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/321997
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/7230	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
sendmail	sendmail	2.6
sendmail	sendmail	2.6.1
sendmail	sendmail	2.6.2
sendmail	sendmail	3.0
sendmail	sendmail	3.0.1
sendmail	sendmail	3.0.2
sendmail	sendmail	3.0.3
sendmail	sendmail	8.9.0
sendmail	sendmail	8.9.1
sendmail	sendmail	8.9.2
sendmail	sendmail	8.9.3
sendmail	sendmail	8.10
sendmail	sendmail	8.10.1
sendmail	sendmail	8.10.2
sendmail	sendmail	8.11.0
sendmail	sendmail	8.11.1
sendmail	sendmail	8.11.2
sendmail	sendmail	8.11.3
sendmail	sendmail	8.11.4
sendmail	sendmail	8.11.5
sendmail	sendmail	8.11.6
sendmail	sendmail	8.12
sendmail	sendmail	8.12
sendmail	sendmail	8.12
sendmail	sendmail	8.12
sendmail	sendmail	8.12
sendmail	sendmail	8.12.0
sendmail	sendmail	8.12.1
sendmail	sendmail	8.12.2
sendmail	sendmail	8.12.3
sendmail	sendmail	8.12.4
sendmail	sendmail	8.12.5
sendmail	sendmail	8.12.6
sendmail	sendmail	8.12.7
sendmail	sendmail	8.12.8
sendmail	sendmail_switch	2.1
sendmail	sendmail_switch	2.1.1
sendmail	sendmail_switch	2.1.2
sendmail	sendmail_switch	2.1.3
sendmail	sendmail_switch	2.1.4
sendmail	sendmail_switch	2.1.5
sendmail	sendmail_switch	2.2
sendmail	sendmail_switch	2.2.1
sendmail	sendmail_switch	2.2.2
sendmail	sendmail_switch	2.2.3
sendmail	sendmail_switch	2.2.4
sendmail	sendmail_switch	2.2.5
sendmail	sendmail_switch	3.0
sendmail	sendmail_switch	3.0.1
sendmail	sendmail_switch	3.0.2
sendmail	sendmail_switch	3.0.3
compaq	tru64	4.0b
compaq	tru64	4.0d
compaq	tru64	4.0d_pk9_bl17
compaq	tru64	4.0f
compaq	tru64	4.0f_pk6_bl17
compaq	tru64	4.0f_pk7_bl18
compaq	tru64	4.0g
compaq	tru64	4.0g_pk3_bl17
compaq	tru64	5.0
compaq	tru64	5.0_pk4_bl17
compaq	tru64	5.0_pk4_bl18
compaq	tru64	5.0a
compaq	tru64	5.0a_pk3_bl17
compaq	tru64	5.0f
compaq	tru64	5.1
compaq	tru64	5.1_pk3_bl17
compaq	tru64	5.1_pk4_bl18
compaq	tru64	5.1_pk5_bl19
compaq	tru64	5.1_pk6_bl20
compaq	tru64	5.1a
compaq	tru64	5.1a_pk1_bl1
compaq	tru64	5.1a_pk2_bl2
compaq	tru64	5.1a_pk3_bl3
compaq	tru64	5.1b
compaq	tru64	5.1b_pk1_bl1
hp	hp-ux	10.00
hp	hp-ux	10.01
hp	hp-ux	10.08
hp	hp-ux	10.09
hp	hp-ux	10.10
hp	hp-ux	10.16
hp	hp-ux	10.20
hp	hp-ux	10.24
hp	hp-ux	10.26
hp	hp-ux	10.30
hp	hp-ux	10.34
hp	hp-ux	11.00
hp	hp-ux	11.0.4
hp	hp-ux	11.11
hp	hp-ux	11.20
hp	hp-ux	11.22
hp	hp-ux_series_700	10.20
hp	hp-ux_series_800	10.20
hp	sis	*
sun	solaris	2.4
sun	solaris	2.5
sun	solaris	2.5.1
sun	solaris	2.5.1
sun	solaris	2.6
sun	solaris	7.0
sun	solaris	8.0
sun	solaris	9.0
sun	solaris	9.0
sun	solaris	9.0
sun	sunos	-
sun	sunos	5.4
sun	sunos	5.5
sun	sunos	5.5.1
sun	sunos	5.7
sun	sunos	5.8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CA16C02-3B8D-4188-898E-048A93F11ADA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:2.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF12CC4-C9CD-479A-8F85-8F947B5B60A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:2.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "623A2E07-2122-4ADE-9932-011DCA4396A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5C563EF-FDED-4193-A66A-06527878BB1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4A267D3-2F49-4E61-B2C9-D8ED2265665E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7199205A-B914-40A1-9C82-A9698511E3C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC468AB-8B18-4169-8040-614A32444732",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76A9602B-8E5A-4BF4-81F5-D1152D09FCAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD0B100-D822-4EBF-8EC9-ADAB8141116B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "196D77DF-E6D4-46D0-BC2C-8804A587CA25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B743E5A3-6B15-4877-9424-A1F1A4214B73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "76A60742-7815-4658-A6F7-147AA48C24B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A1A24F2-9C6B-4DF0-AB04-55D051812DD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "120271B8-08A9-4C21-A108-0DA61095A006",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "84E6ECDA-DF65-47FF-A42F-FD5C1D864FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AA859AF-4E4E-4077-8E98-523E617A1DDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9791650-C367-43B6-A0F4-5BB56CE10778",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.11.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8340DDA8-77DD-4AEB-B267-F86F64A851B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.11.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DCBBEE-1DF0-40FE-B755-1FC35CF16788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.11.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "581626E7-47B5-4819-B34F-B6DFD07A12F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.11.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BBE9A4A-8AB9-4A97-A106-970FEB08952C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta10:*:*:*:*:*:*",
              "matchCriteriaId": "BD99394C-5408-4A01-8D4E-417FFFFDE9C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta12:*:*:*:*:*:*",
              "matchCriteriaId": "AAB59A24-87DE-4CAD-A2BA-AFCC0B2A55B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta16:*:*:*:*:*:*",
              "matchCriteriaId": "97D641EF-0B69-45A1-B85E-3C9C93AB9D42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta5:*:*:*:*:*:*",
              "matchCriteriaId": "8972211B-6A5B-4095-9CBB-CEF4C23C9C65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta7:*:*:*:*:*:*",
              "matchCriteriaId": "8F81A2AD-90A0-4B97-86A3-92690A0FCA71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "598F74BA-2B71-435E-92B8-9DEADB3311A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "79A46DF2-8EEB-40C8-B1CA-01BC064BD25E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "581E5904-1A2B-49FF-BE3F-D42019AD816B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CC4C83-4FB9-4344-AFCB-C260659F81DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAF763B4-58E3-4868-8C92-47DE3E4E5F40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4FCB77-7FAC-4A4B-851C-2F352B44D3CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FEB3923-8F4B-4523-84F9-17D1CFA37F8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "58CD19B4-4BFD-4DE8-B21F-6B6CDE6793C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B82BBB7-CD72-4A33-97D4-B1E51A595323",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5492A89B-8140-4CF7-BE81-09C25A64373A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2A6D5AF-2134-4EC5-B53A-CE95B5505325",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B5FE819-E570-4AEE-BF0C-B9B1960A1AB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "913AF73A-F6DE-4FAF-8A09-02CD33784B27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "661A9B85-09EE-4D38-9160-8EEA6BE07BD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F28941D4-7D1E-4BF9-8E2F-C951978424E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD930C49-512B-4114-8A97-80B1816CFCFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E8553E3-578B-4BE3-BBAD-5589338586E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7EE5C8E-8E2E-4C98-B8C5-B590E44B1EAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A3930ED-DE49-4F01-A904-5D66E34832F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3A51855-94DD-4F2E-BFF8-4ABE4613F962",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "56B76FFE-90CB-4C11-9E9D-FFA896482628",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail_switch:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "74C77927-A67A-4C1B-BB80-18148E1F0FE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail_switch:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C9D22E3-18F8-42F9-993E-81E832B0B125",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail_switch:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BABB5CA-26F4-4DB6-9D43-1C82751DCCA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sendmail:sendmail_switch:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F323395B-4549-4B54-8BBF-66B1B1B3F563",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:compaq:tru64:4.0b:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E86C510-4F66-4B6B-BD11-E41E20ECAEEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:4.0d:*:*:*:*:*:*:*",
              "matchCriteriaId": "B750254C-A460-4F52-B4A4-636CB2CBE50E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:4.0d_pk9_bl17:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF069023-0716-4806-9A04-1171770940B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:4.0f:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB2B5B59-B0CD-4F49-870B-F8F8BE902965",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:4.0f_pk6_bl17:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9A4900F-7A0B-441E-967D-45B1A051A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:4.0f_pk7_bl18:*:*:*:*:*:*:*",
              "matchCriteriaId": "F41B68A9-C4EF-47F5-BE84-BD20C073C2D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:4.0g:*:*:*:*:*:*:*",
              "matchCriteriaId": "75546AD4-15DD-45FD-AFFB-8A59CB8D401C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:4.0g_pk3_bl17:*:*:*:*:*:*:*",
              "matchCriteriaId": "38B11F9E-64EE-47D1-A341-62F54382227C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3198FD9F-ACB8-4F59-A896-68A3A7287D78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:5.0_pk4_bl17:*:*:*:*:*:*:*",
              "matchCriteriaId": "146562A0-D7AA-465D-9F48-5B0E75E4D109",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:5.0_pk4_bl18:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BC279C2-31D2-4A13-B38B-593FA761361E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:5.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C85EF72-0F04-4705-9BED-C921F5FB7860",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:5.0a_pk3_bl17:*:*:*:*:*:*:*",
              "matchCriteriaId": "B86A9A68-DFD4-42FD-A11C-FCBC73E6EDCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:5.0f:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BE8BFB6-FE31-4C44-9562-76DC47E105B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E296E409-EF32-48FC-88CB-C38C7CF4A239",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:5.1_pk3_bl17:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE0BEA96-837B-4699-BE2E-CCD8F8F3CF38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:5.1_pk4_bl18:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E4DFD7B-4A10-4991-AC26-C8A957E87009",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:5.1_pk5_bl19:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EA62CD1-19EA-46D8-9423-BFFF9FC8CA3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:5.1_pk6_bl20:*:*:*:*:*:*:*",
              "matchCriteriaId": "881FCB3C-DAD8-4883-B185-19A61B76102B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:5.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9413090-D930-49DB-B7ED-7035C717B821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:5.1a_pk1_bl1:*:*:*:*:*:*:*",
              "matchCriteriaId": "168C607C-6170-4936-9A53-AE3AAEBD79F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:5.1a_pk2_bl2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7793736-B551-428D-8A2F-291968E212FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:5.1a_pk3_bl3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AB7AD47-5AF1-4CE0-A295-48567F991EAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:5.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "55E0D6B2-C319-4DD4-AB4C-F2F35F7806F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:compaq:tru64:5.1b_pk1_bl1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCEFCB5E-D7DF-48BF-B62A-081C4799F5A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:10.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "3187435B-C052-4DBA-AA79-F8AC0287EE14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "53BBFE9A-6846-4625-91AC-47AA0BC0933A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:10.08:*:*:*:*:*:*:*",
              "matchCriteriaId": "2170549C-80D2-4FF8-AC07-BD4124125B02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:10.09:*:*:*:*:*:*:*",
              "matchCriteriaId": "066D4E93-366F-42D4-B27D-8AF981F5F2AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "38BFA923-7D80-4F01-AF9F-6F13209948AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:10.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "38E41C26-A086-4C9C-83D8-CB910F4B67F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "4259A901-A1CF-44EE-80C4-2031D3FCADC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:10.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE98EAD2-838F-42A2-BC90-F739A6639D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:10.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "09070FE3-EF6B-41F6-89D8-3C9E31F3A6BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:10.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFD50216-90AC-480E-A11C-E88E64C6D84A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB008E3-9A00-4D28-8826-A9FCC9F65314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AB76FE0-BEF3-40D4-B362-0C95CA625A71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBD0DC0A-ACAD-4870-9C0F-3095F2AC8CCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux_series_700:10.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B369244-5327-4946-9C49-AC93AE75866B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux_series_800:10.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40F1951-2AC6-402E-95D6-19ECC3F695F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:sis:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDC3AECB-D8A1-413E-BC9B-7245B386FCE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:2.4:*:x86:*:*:*:*:*",
              "matchCriteriaId": "1F881110-7B54-49DA-B23A-710273430C44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:2.5:*:x86:*:*:*:*:*",
              "matchCriteriaId": "200D8CB2-0D52-40A8-9CD9-6E4513605201",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:2.5.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "54AF87E4-52A4-44CA-B48E-A5BB139E6410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*",
              "matchCriteriaId": "F66BAF35-A8B9-4E95-B270-444206FDD35B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
              "matchCriteriaId": "8F1F312C-413F-4DB4-ABF4-48E33F6FECF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
              "matchCriteriaId": "1894C542-AA81-40A9-BF47-AE24C93C1ACB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "A711CDC2-412C-499D-9FA6-7F25B06267C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
              "matchCriteriaId": "0B837BB7-5F62-4CD5-9C64-8553C28EA8A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*",
              "matchCriteriaId": "3F305CBD-4329-44DE-A85C-DE9FF371425E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "369207B4-96FA-4324-9445-98FAE8ECF5DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special \"NOCHAR\" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337."
    }
  ],
  "id": "CVE-2003-0161",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-04-02T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-016.0.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20030401-01-P"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000614"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/mhonarc/security-announce/msg00028.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004295.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=104896621106790\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=104897487512238\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=104914999806315\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2003-12.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2003/dsa-278"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2003/dsa-290"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-27.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/897604"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2003-120.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-121.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/316961/30/25250/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/321997"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/7230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-016.0.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20030401-01-P"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000614"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/mhonarc/security-announce/msg00028.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004295.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=104896621106790\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=104897487512238\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=104914999806315\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2003-12.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2003/dsa-278"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2003/dsa-290"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-27.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/897604"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2003-120.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-121.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/316961/30/25250/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/321997"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/7230"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2003-0028

Vulnerability from fkie_nvd - Published: 2003-03-25 05:00 - Updated: 2025-04-03 01:03

Severity ?

Summary

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.

References

URL	Tags
cve@mitre.org	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc
cve@mitre.org	http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html
cve@mitre.org	http://marc.info/?l=bugtraq&m=104810574423662&w=2
cve@mitre.org	http://marc.info/?l=bugtraq&m=104811415301340&w=2
cve@mitre.org	http://marc.info/?l=bugtraq&m=104860855114117&w=2
cve@mitre.org	http://marc.info/?l=bugtraq&m=104878237121402&w=2
cve@mitre.org	http://marc.info/?l=bugtraq&m=105362148313082&w=2
cve@mitre.org	http://www.cert.org/advisories/CA-2003-10.html	Patch, Third Party Advisory, US Government Resource
cve@mitre.org	http://www.debian.org/security/2003/dsa-266
cve@mitre.org	http://www.debian.org/security/2003/dsa-272
cve@mitre.org	http://www.debian.org/security/2003/dsa-282
cve@mitre.org	http://www.eeye.com/html/Research/Advisories/AD20030318.html	Exploit, Vendor Advisory
cve@mitre.org	http://www.kb.cert.org/vuls/id/516825	US Government Resource
cve@mitre.org	http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2003:037
cve@mitre.org	http://www.novell.com/linux/security/advisories/2003_027_glibc.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2003-051.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2003-052.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2003-089.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2003-091.html
cve@mitre.org	http://www.securityfocus.com/archive/1/315638/30/25430/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/316931/30/25250/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/316960/30/25250/threaded
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230
cve@mitre.org	https://security.netapp.com/advisory/ntap-20150122-0002/
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=104810574423662&w=2
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=104811415301340&w=2
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=104860855114117&w=2
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=104878237121402&w=2
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=105362148313082&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www.cert.org/advisories/CA-2003-10.html	Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2003/dsa-266
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2003/dsa-272
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2003/dsa-282
af854a3a-2127-422b-91ae-364da2661108	http://www.eeye.com/html/Research/Advisories/AD20030318.html	Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/516825	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2003:037
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2003_027_glibc.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2003-051.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2003-052.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2003-089.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2003-091.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/315638/30/25430/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/316931/30/25250/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/316960/30/25250/threaded
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20150122-0002/

Impacted products

Vendor	Product	Version
gnu	glibc	2.1
gnu	glibc	2.1.1
gnu	glibc	2.1.2
gnu	glibc	2.1.3
gnu	glibc	2.2
gnu	glibc	2.2.1
gnu	glibc	2.2.2
gnu	glibc	2.2.3
gnu	glibc	2.2.4
gnu	glibc	2.2.5
gnu	glibc	2.3
gnu	glibc	2.3.1
gnu	glibc	2.3.2
mit	kerberos_5	1.2
mit	kerberos_5	1.2.1
mit	kerberos_5	1.2.2
mit	kerberos_5	1.2.3
mit	kerberos_5	1.2.4
mit	kerberos_5	1.2.5
mit	kerberos_5	1.2.6
mit	kerberos_5	1.2.7
openafs	openafs	1.0
openafs	openafs	1.0.1
openafs	openafs	1.0.2
openafs	openafs	1.0.3
openafs	openafs	1.0.4
openafs	openafs	1.0.4a
openafs	openafs	1.1
openafs	openafs	1.1.1
openafs	openafs	1.1.1a
openafs	openafs	1.2
openafs	openafs	1.2.1
openafs	openafs	1.2.2
openafs	openafs	1.2.2a
openafs	openafs	1.2.2b
openafs	openafs	1.2.3
openafs	openafs	1.2.4
openafs	openafs	1.2.5
openafs	openafs	1.2.6
openafs	openafs	1.3
openafs	openafs	1.3.1
openafs	openafs	1.3.2
sgi	irix	6.5
sgi	irix	6.5.1
sgi	irix	6.5.2
sgi	irix	6.5.2f
sgi	irix	6.5.2m
sgi	irix	6.5.3
sgi	irix	6.5.3f
sgi	irix	6.5.3m
sgi	irix	6.5.4
sgi	irix	6.5.4f
sgi	irix	6.5.4m
sgi	irix	6.5.5
sgi	irix	6.5.5f
sgi	irix	6.5.5m
sgi	irix	6.5.6
sgi	irix	6.5.6f
sgi	irix	6.5.6m
sgi	irix	6.5.7
sgi	irix	6.5.7f
sgi	irix	6.5.7m
sgi	irix	6.5.8
sgi	irix	6.5.8f
sgi	irix	6.5.8m
sgi	irix	6.5.9
sgi	irix	6.5.9f
sgi	irix	6.5.9m
sgi	irix	6.5.10
sgi	irix	6.5.10f
sgi	irix	6.5.10m
sgi	irix	6.5.11
sgi	irix	6.5.11f
sgi	irix	6.5.11m
sgi	irix	6.5.12
sgi	irix	6.5.12f
sgi	irix	6.5.12m
sgi	irix	6.5.13
sgi	irix	6.5.13f
sgi	irix	6.5.13m
sgi	irix	6.5.14
sgi	irix	6.5.14f
sgi	irix	6.5.14m
sgi	irix	6.5.15
sgi	irix	6.5.15f
sgi	irix	6.5.15m
sgi	irix	6.5.16
sgi	irix	6.5.16f
sgi	irix	6.5.16m
sgi	irix	6.5.17
sgi	irix	6.5.17f
sgi	irix	6.5.17m
sgi	irix	6.5.18
sgi	irix	6.5.18f
sgi	irix	6.5.18m
sgi	irix	6.5.19
sgi	irix	6.5.20
cray	unicos	6.0
cray	unicos	6.0e
cray	unicos	6.1
cray	unicos	7.0
cray	unicos	8.0
cray	unicos	8.3
cray	unicos	9.0
cray	unicos	9.0.2.5
cray	unicos	9.2
cray	unicos	9.2.4
freebsd	freebsd	4.0
freebsd	freebsd	4.1
freebsd	freebsd	4.1.1
freebsd	freebsd	4.1.1
freebsd	freebsd	4.1.1
freebsd	freebsd	4.2
freebsd	freebsd	4.2
freebsd	freebsd	4.3
freebsd	freebsd	4.3
freebsd	freebsd	4.3
freebsd	freebsd	4.4
freebsd	freebsd	4.4
freebsd	freebsd	4.5
freebsd	freebsd	4.5
freebsd	freebsd	4.5
freebsd	freebsd	4.6
freebsd	freebsd	4.6
freebsd	freebsd	4.6
freebsd	freebsd	4.6.2
freebsd	freebsd	4.7
freebsd	freebsd	4.7
freebsd	freebsd	4.7
freebsd	freebsd	5.0
hp	hp-ux	10.20
hp	hp-ux	10.24
hp	hp-ux	11.00
hp	hp-ux	11.04
hp	hp-ux	11.11
hp	hp-ux	11.20
hp	hp-ux	11.22
hp	hp-ux_series_700	10.20
hp	hp-ux_series_800	10.20
ibm	aix	4.3.3
ibm	aix	5.1
ibm	aix	5.2
openbsd	openbsd	2.0
openbsd	openbsd	2.1
openbsd	openbsd	2.2
openbsd	openbsd	2.3
openbsd	openbsd	2.4
openbsd	openbsd	2.5
openbsd	openbsd	2.6
openbsd	openbsd	2.7
openbsd	openbsd	2.8
openbsd	openbsd	2.9
openbsd	openbsd	3.0
openbsd	openbsd	3.1
openbsd	openbsd	3.2
sun	solaris	2.5.1
sun	solaris	2.6
sun	solaris	7.0
sun	solaris	8.0
sun	solaris	9.0
sun	solaris	9.0
sun	sunos	-
sun	sunos	5.5.1
sun	sunos	5.7
sun	sunos	5.8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F23D2F-A01F-4949-A917-D1164E14EAA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "64576C9A-FCD9-4410-B590-AB43F9F85D2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "229AC4E3-AFBA-4EF4-8534-8FBE1E630253",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B91503A-E8DC-4DFF-98D4-687B5AE41438",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "241A4B59-7BBC-4656-93AC-7DD8BE29EB58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "00D0DBDC-1559-406D-AADC-12B5ABDD2BE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5294FCC-3933-4CD5-8DFE-BCDC00F4BD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5CA3E33-7CC6-4AC5-999A-3C46D7FD14A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAADC158-B7EF-4135-B383-0DA43065B43E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE8C0C82-749E-4837-88F8-FB56A753B094",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AD672FA-918D-48CB-BC03-4E412AF0DCCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0B363A4-BB7A-48A2-AE6B-BD2DDD46E7CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EF42A5-EC47-4475-81D6-FD1E9C2B8A3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "30F2CBEF-6FA1-4E07-8163-6AFEDC93FCE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D133CB0D-8A54-4DAA-9FE8-0B367544DE65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B2C23BD-1995-4F09-B444-87DDDE21817E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEF118BE-6351-4768-A3F0-DFE0065273D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openafs:openafs:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBC8B64A-B5A9-4F66-86AD-0288F8E3D62D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openafs:openafs:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE08E0AC-71F8-456B-9E88-43E94A6A2F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openafs:openafs:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "10CFD4A8-71AE-4F85-B86D-001461ECC2E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openafs:openafs:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD3D4A8-934B-420A-AF4A-36DD16E2F851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openafs:openafs:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D7AD53C-917A-41CC-83CD-6DF825E2640E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openafs:openafs:1.0.4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6F84C9B-8073-4EBE-AA75-A373772A42EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openafs:openafs:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E921700-C76F-41EA-AA61-6F939ED329CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openafs:openafs:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDBD251-3E96-4068-AD24-E5B1802769E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openafs:openafs:1.1.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "23A07568-7B15-49F1-9163-40A0BFF38309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openafs:openafs:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8A18760-0921-475E-9104-4DF480697E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openafs:openafs:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD01B5F6-7E91-4FE8-B345-42D58C786FCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openafs:openafs:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "34002792-689C-45B5-9B5A-94B5342AC20B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openafs:openafs:1.2.2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "3331166E-ABBA-4326-8EF4-88872B9824A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openafs:openafs:1.2.2b:*:*:*:*:*:*:*",
              "matchCriteriaId": "302A9220-4C73-4D69-8B62-B64A7E280B31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openafs:openafs:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B8FC287-D6D8-44BA-9125-3E64624ECDFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openafs:openafs:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "295C09E5-23C3-4F9E-80FC-B0C4EC34C846",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openafs:openafs:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0295B94D-BE71-4DA2-81C5-E5BBCF0E17AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openafs:openafs:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FBADEB7-0073-42EB-B53D-ADA227898493",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openafs:openafs:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "299D4344-A1DB-4EC3-B1A2-5E07FB2B585F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openafs:openafs:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "72BE26C0-4A71-43AE-B134-3CE6DE839349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openafs:openafs:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE590EA3-85F6-462A-BCC1-0550192F8F9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "36B60E50-4F5A-4404-BEA3-C94F7D27B156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ECB750B-9F53-4DB6-8B26-71BCCA446FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.2f:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB113626-38E2-4C42-A6A9-4BBDA0AC4A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.2m:*:*:*:*:*:*:*",
              "matchCriteriaId": "772E3C7E-9947-414F-8642-18653BB048E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.3f:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D51EC29-8836-4F87-ABF8-FF7530DECBB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.3m:*:*:*:*:*:*:*",
              "matchCriteriaId": "518B7253-7B0F-4A0A-ADA7-F3E3B5AAF877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "440B7208-34DB-4898-8461-4E703F7EDFB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.4f:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CEC8518-4DBA-43AA-90B8-279F2DD4A2DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.4m:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F8286F3-DF0E-4D8E-A27D-0C5182D5870C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5663579C-3AD2-4E5B-A595-C8DB984F9C26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.5f:*:*:*:*:*:*:*",
              "matchCriteriaId": "B306EE13-57CF-43A6-AA72-C641C53A2A23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.5m:*:*:*:*:*:*:*",
              "matchCriteriaId": "6291BEE1-73D2-4976-B065-E135880F73B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D07AA144-6FD7-4C80-B4F2-D21C1AFC864A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.6f:*:*:*:*:*:*:*",
              "matchCriteriaId": "621C31D9-8102-4F2D-8008-B32020F0B831",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.6m:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF5E9B8-62F9-4A6F-9C0C-551980981366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "29113D8E-9618-4A0E-9157-678332082858",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.7f:*:*:*:*:*:*:*",
              "matchCriteriaId": "F883CF73-CDA0-4B50-98E6-1B5DE0A4A816",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.7m:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6C9F200-68AC-4B45-8AFC-F604429FDF3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "313613E9-4837-433C-90EE-84A92E8D24E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.8f:*:*:*:*:*:*:*",
              "matchCriteriaId": "1742BF2B-63C7-441D-9A01-DE65C95911D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.8m:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30B7C42-CEE8-4377-957C-BCCE35C071A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "41AA1290-5039-406F-B195-3A4C018202D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.9f:*:*:*:*:*:*:*",
              "matchCriteriaId": "B859D7F7-B0A6-4148-8146-F651ED3F99AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.9m:*:*:*:*:*:*:*",
              "matchCriteriaId": "59EC5B1A-309A-4DE2-A197-F4DC07A8DC3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "60CC9410-F6B8-4748-B76F-30626279028E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.10f:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E7D3C74-CDD2-4DFF-A331-007E1669752A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.10m:*:*:*:*:*:*:*",
              "matchCriteriaId": "03FA10EA-F6E5-4A89-AC37-40FF6A147528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCC67401-C85A-4E4E-AE61-85FEBBF4346B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.11f:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C8E0DF6-D9C2-4DBC-9997-B5BFC6DEC9F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.11m:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E1480B-2183-45AD-B63F-16DEC9BF0398",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C4427AC-07C1-4765-981B-B5D86D698C2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.12f:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D08345C-F945-410C-9DCB-8C358178F975",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.12m:*:*:*:*:*:*:*",
              "matchCriteriaId": "8764BE36-9377-486C-9198-DF79A5A60679",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "63EF0CEE-74A9-45C8-8AFD-77815230ACC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.13f:*:*:*:*:*:*:*",
              "matchCriteriaId": "25243FA1-7AF7-41D4-8FAD-A5AB289E120D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.13m:*:*:*:*:*:*:*",
              "matchCriteriaId": "94D89730-AA61-4FC9-A6AB-0574CA51EE75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B24D34C-1F95-45C8-9A57-2D2622ED9019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.14f:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7B59E7C-B059-41CD-AE33-E9623ADA12BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.14m:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DF1B657-C910-4BB0-828C-09B6A59D988D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BD69805-D021-4DCC-9FB6-A0BEA721408A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.15f:*:*:*:*:*:*:*",
              "matchCriteriaId": "72D61A9F-AC57-4DD9-9047-74BFA9BFACFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.15m:*:*:*:*:*:*:*",
              "matchCriteriaId": "C254FC5D-895D-4EFC-B9A7-74699D9FE65E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "B13C07CC-F615-4F30-B532-4BF6F02F84DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.16f:*:*:*:*:*:*:*",
              "matchCriteriaId": "27532639-37CD-4BD2-AE48-F741009D3449",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.16m:*:*:*:*:*:*:*",
              "matchCriteriaId": "F83879DE-1BD7-4FF7-ACC6-5B119DB09BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BE3F77A-909E-4947-A808-BCAB7F96A108",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.17f:*:*:*:*:*:*:*",
              "matchCriteriaId": "EED22734-8AAC-4897-BB71-438E19B8A005",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.17m:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA9C28F-18E6-4199-9740-FAB00563EBF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4F1E3C7-0FDD-46E1-8748-6A5FF669C95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.18f:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6E63313-9533-478D-ACC0-C050FBA3EACF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.18m:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0A7D5D-BDD9-45F8-9BE7-3B01D70C8CC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "2334FD6C-444F-4042-AF6D-D654C18C9950",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFCB9A7-9121-4FAE-B6FA-96C3A023ACEF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cray:unicos:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E7725DD-085A-4D3A-8F9E-55C3D4BBDD1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cray:unicos:6.0e:*:*:*:*:*:*:*",
              "matchCriteriaId": "544736F7-0E4F-45C1-811B-114CFCBBC895",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cray:unicos:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACCD6F58-9E37-40F0-AFD5-49523BEA301E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cray:unicos:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAA7CE84-9266-4699-8687-50D09FFF6CBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cray:unicos:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E9226A7-8253-4AA4-8BD1-31219080261B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cray:unicos:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E7D776A-9DC2-4479-8064-BB86E005B2DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cray:unicos:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFB0C892-B2B2-4810-A009-AE1809730FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cray:unicos:9.0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "07FF0A62-A4D2-495D-B45B-7439C24F6046",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cray:unicos:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4029356-417F-4738-ACE0-B88351EA9010",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cray:unicos:9.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A71A88A2-4816-49E6-B549-DA28AB80DBB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE31DFF8-06AB-489D-A0C5-509C090283B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:release:*:*:*:*:*:*",
              "matchCriteriaId": "1E8A6564-129A-4555-A5ED-6F65C56AE7B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:stable:*:*:*:*:*:*",
              "matchCriteriaId": "237174A4-E030-4A0B-AD0B-5C463603EAA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.2:stable:*:*:*:*:*:*",
              "matchCriteriaId": "5D7F8F11-1869-40E2-8478-28B4E946D3CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.3:release:*:*:*:*:*:*",
              "matchCriteriaId": "9062BAB5-D437-49BE-A384-39F62434B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.3:stable:*:*:*:*:*:*",
              "matchCriteriaId": "6E53C673-9D6D-42C8-A502-033E1FC28D97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.4:stable:*:*:*:*:*:*",
              "matchCriteriaId": "C844A170-B5A7-4703-AF3B-67366D44EA8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "44308D13-D935-4FF8-AB52-F0E115ED1AD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.5:release:*:*:*:*:*:*",
              "matchCriteriaId": "3D41CB12-7894-4D25-80EC-23C56171D973",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.5:stable:*:*:*:*:*:*",
              "matchCriteriaId": "09789843-6A1A-4CDB-97E8-89E82B79DDB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C001822-FDF8-497C-AC2C-B59A00E9ACD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.6:release:*:*:*:*:*:*",
              "matchCriteriaId": "118211EF-CED7-4EB5-9669-F54C8169D4AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.6:stable:*:*:*:*:*:*",
              "matchCriteriaId": "9A405AE2-ECC4-4BB0-80DD-4736394FB217",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AB4AD26-6AF2-4F3A-B602-F231FAABA73E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B86C77AB-B8FF-4376-9B4E-C88417396F3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.7:release:*:*:*:*:*:*",
              "matchCriteriaId": "E5612FB0-8403-4A7E-B89A-D7BDFAC00078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.7:stable:*:*:*:*:*:*",
              "matchCriteriaId": "A7818E11-1BEB-4DAA-BA7A-A278454BA4B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "4259A901-A1CF-44EE-80C4-2031D3FCADC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B7A7B90-9086-4A10-8FB4-1C1D909BC173",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AB76FE0-BEF3-40D4-B362-0C95CA625A71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBD0DC0A-ACAD-4870-9C0F-3095F2AC8CCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux_series_700:10.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B369244-5327-4946-9C49-AC93AE75866B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux_series_800:10.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40F1951-2AC6-402E-95D6-19ECC3F695F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "465B06C4-136D-4CD8-BA38-B6B50511624C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCB23261-D5A9-4C49-B08E-97A63ED6F84A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "17EECCCB-D7D1-439A-9985-8FAE8B44487B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "36DF0D51-FCFA-46A3-B834-E80DFA91DFDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CB726CF-ADA2-4CDA-9786-1E84AC53740A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC373FC-88AC-4B6D-A289-51881ACD57F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D2DA7F0-E3C0-447A-A2B0-ECC928389D84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEBE290B-5EC6-4BBA-B645-294C150E417A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "80EB24F0-46A7-481B-83ED-8BB012AE0C8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA6AEAF0-FA61-4A3F-A083-1218C2027781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "60DA30A1-3360-46BC-85B7-008D535F95BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA33E7E2-DE7B-411E-8991-718DA0988C51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1957B3C0-7F25-469B-BC3F-7B09260837ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*",
              "matchCriteriaId": "F66BAF35-A8B9-4E95-B270-444206FDD35B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
              "matchCriteriaId": "8F1F312C-413F-4DB4-ABF4-48E33F6FECF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
              "matchCriteriaId": "1894C542-AA81-40A9-BF47-AE24C93C1ACB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "A711CDC2-412C-499D-9FA6-7F25B06267C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
              "matchCriteriaId": "0B837BB7-5F62-4CD5-9C64-8553C28EA8A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "369207B4-96FA-4324-9445-98FAE8ECF5DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en la funci\u00f3n xdrmem_getbytes(), y posiblemente otras funciones, de librerias XDR (representaci\u00f3n de datos externos) derivadas de SunRPC, incluyendo libnsl, libc y glibc permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante ciertos valores enteros en campos de longitud."
    }
  ],
  "id": "CVE-2003-0028",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-03-25T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=104810574423662\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=104811415301340\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=104860855114117\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=104878237121402\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=105362148313082\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2003-10.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2003/dsa-266"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2003/dsa-272"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2003/dsa-282"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://www.eeye.com/html/Research/Advisories/AD20030318.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/516825"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:037"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2003_027_glibc.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-051.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-052.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-089.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-091.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/315638/30/25430/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/316931/30/25250/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/316960/30/25250/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://security.netapp.com/advisory/ntap-20150122-0002/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=104810574423662\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=104811415301340\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=104860855114117\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=104878237121402\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=105362148313082\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2003-10.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2003/dsa-266"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2003/dsa-272"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2003/dsa-282"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://www.eeye.com/html/Research/Advisories/AD20030318.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/516825"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2003_027_glibc.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-051.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-052.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-089.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-091.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/315638/30/25430/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/316931/30/25250/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/316960/30/25250/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.netapp.com/advisory/ntap-20150122-0002/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2002-1668

Vulnerability from fkie_nvd - Published: 2002-12-31 05:00 - Updated: 2025-04-03 01:03

Severity ?

Summary

HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a "file system weakness" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file.

References

URL	Tags
cve@mitre.org	http://www.securityfocus.com/advisories/3770	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/3817	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/7844
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/advisories/3770	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/3817	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/7844

Impacted products

Vendor	Product	Version
hp	hp-ux	11.00
hp	hp-ux	11.0.4
hp	hp-ux	11.11
hp	hp-ux_series_700	10.20
hp	hp-ux_series_800	10.20

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB008E3-9A00-4D28-8826-A9FCC9F65314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux_series_700:10.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B369244-5327-4946-9C49-AC93AE75866B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux_series_800:10.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40F1951-2AC6-402E-95D6-19ECC3F695F2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a \"file system weakness\" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file."
    }
  ],
  "id": "CVE-2002-1668",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/advisories/3770"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/3817"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7844"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/advisories/3770"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/3817"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7844"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Search criteria

12 vulnerabilities found for hp-ux_series_800 by hp

CVE-2002-1668 (GCVE-0-2002-1668)

CVE-2004-1332 (GCVE-0-2004-1332)

CVE-2003-0161 (GCVE-0-2003-0161)

CVE-2003-0028 (GCVE-0-2003-0028)

CVE-2002-1668 (GCVE-0-2002-1668)

CVE-2004-1332 (GCVE-0-2004-1332)

CVE-2003-0161 (GCVE-0-2003-0161)

CVE-2003-0028 (GCVE-0-2003-0028)

FKIE_CVE-2004-1332

FKIE_CVE-2003-0161

FKIE_CVE-2003-0028

FKIE_CVE-2002-1668