Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0805

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0805
Last Modified 10 Sep 2008 03:20:30
Published 06 Oct 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0805

Summary

Multiple buffer overflows in UMN gopher daemon (gopherd) 2.x and 3.x before 3.0.6 allows attackers to execute arbitrary code via (1) a long filename as a result of a LIST command, and (2) the GSisText function, which calculates the view-type.

Vulnerable Systems

Application

  • University Of Minnesota Gopherd 2.0.3

  • University Of Minnesota Gopherd 2.0.4

  • University Of Minnesota Gopherd 2.3

  • University Of Minnesota Gopherd 2.3.1

  • University Of Minnesota Gopherd 3.0.0

  • University Of Minnesota Gopherd 3.0.1

  • University Of Minnesota Gopherd 3.0.2

  • University Of Minnesota Gopherd 3.0.3

  • University Of Minnesota Gopherd 3.0.4

  • University Of Minnesota Gopherd 3.0.5


References

DEBIAN - DSA-387

BUGTRAQ - 20030818 FW: [gopher] UMN Gopher 3.0.6 released

BUGTRAQ - 20030712 UMN gopherd[2.x.x/3.x.x]: ftp gateway, and GSisText() buffer


Last Updated: 27 May 2016 10:38:04