Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0854

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2003-0854
Last Modified 10 Sep 2008 03:20:44
Published 17 Nov 2003 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2003-0854

Summary

ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd.

Vulnerable Systems

Application

  • Gnu Fileutils 4.0

  • Gnu Fileutils 4.0.36

  • Gnu Fileutils 4.1

  • Gnu Fileutils 4.1.6

  • Gnu Fileutils 4.1.7

  • Washington University Wu-ftpd 2.4.1

  • Washington University Wu-ftpd 2.4.2 Beta18

  • Washington University Wu-ftpd 2.4.2 Beta18 Vr10

  • Washington University Wu-ftpd 2.4.2 Beta18 Vr11

  • Washington University Wu-ftpd 2.4.2 Beta18 Vr12

  • Washington University Wu-ftpd 2.4.2 Beta18 Vr13

  • Washington University Wu-ftpd 2.4.2 Beta18 Vr14

  • Washington University Wu-ftpd 2.4.2 Beta18 Vr15

  • Washington University Wu-ftpd 2.4.2 Beta18 Vr4

  • Washington University Wu-ftpd 2.4.2 Beta18 Vr5

  • Washington University Wu-ftpd 2.4.2 Beta18 Vr6

  • Washington University Wu-ftpd 2.4.2 Beta18 Vr7

  • Washington University Wu-ftpd 2.4.2 Beta18 Vr8

  • Washington University Wu-ftpd 2.4.2 Beta18 Vr9

  • Washington University Wu-ftpd 2.4.2 Beta2

  • Washington University Wu-ftpd 2.4.2 Vr16

  • Washington University Wu-ftpd 2.4.2 Vr17

  • Washington University Wu-ftpd 2.5.0

  • Washington University Wu-ftpd 2.6.0

  • Washington University Wu-ftpd 2.6.1

  • Washington University Wu-ftpd 2.6.2


References

TURBO - TLSA-2003-60

IMMUNIX - IMNX-2003-7+-026-01

REDHAT - RHSA-2003:310

REDHAT - RHSA-2003:309

MISC - http://www.guninski.com/binls.html

DEBIAN - DSA-705

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf

SECUNIA - 17069

SECUNIA - 10126

FULLDISC - 20031022 Fun with /bin/ls, yet still ls better than windows

CONECTIVA - CLA-2003:771

CONECTIVA - CLA-2003:768

MILW0RM - 115

MANDRAKE - MDKSA-2003:106


Last Updated: 27 May 2016 10:38:05