Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0689

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0689
Last Modified 10 Sep 2008 03:20:09
Published 20 Oct 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0689

Summary

The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow.

Vulnerable Systems

Operating System

  • Redhat Enterprise Linux 2.1


References

REDHAT - RHSA-2003:249

REDHAT - RHSA-2003:325


Last Updated: 27 May 2016 10:38:00