Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0372


Vulnerability Score 4.6 4.6
CVE Id CVE-2003-0372
Last Modified 05 Sep 2008 04:34:09
Published 16 Jun 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE



Signed integer vulnerability in libnasl in Nessus before 2.0.6 allows local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code by causing a negative argument to be provided to the insstr function as used in a NASL script.

Vulnerable Systems


  • Nessus 2.0.5


BUGTRAQ - 20030523 nessus NASL scripting engine security issues

BUGTRAQ - 20030522 Potential security vulnerability in Nessus

BID - 7664

Last Updated: 27 May 2016 10:37:53