Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0850

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0850
Last Modified 10 Sep 2008 03:20:42
Published 17 Nov 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0850

Summary

The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause "memory corruption" and possibly execute arbitrary code via "overlarge TCP packets."

Vulnerable Systems

Application

  • Dug Song Dsniff 2.3

  • Rafal Wojtczuk Libnids 1.11

  • Rafal Wojtczuk Libnids 1.12

  • Rafal Wojtczuk Libnids 1.13

  • Rafal Wojtczuk Libnids 1.14

  • Rafal Wojtczuk Libnids 1.16

  • Rafal Wojtczuk Libnids 1.17


References

DEBIAN - DSA-410

BUGTRAQ - 20031027 Libnids <= 1.17 buffer overflow

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=191323

SECUNIA - 10543

CONECTIVA - CLA-2003:773


Last Updated: 27 May 2016 10:38:05