Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1228

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-1228
Last Modified 05 Sep 2008 04:36:22
Published 31 Dec 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-1228

Summary

Buffer overflow in the prepare_reply function in request.c for Mathopd 1.2 through 1.5b13, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via an HTTP request with a long path.

Vulnerable Systems

Application

  • Mathopd 1.2

  • Mathopd 1.3

  • Mathopd 1.3 P17

  • Mathopd 1.3 P18

  • Mathopd 1.3 P4

  • Mathopd 1.3 P5

  • Mathopd 1.3 P6

  • Mathopd 1.3 P7

  • Mathopd 1.3 P8

  • Mathopd 1.4

  • Mathopd 1.4 P1

  • Mathopd 1.5 B13


References

XF - mathopd-preparereply-bo(15474)

BID - 9871

MISC - http://www.securiteam.com/unixfocus/5FP0C1FCAW.html

SECUNIA - 10385

BUGTRAQ - 20031208 Re: [Fwd: Security Alert; possible buffer overflow in all Mathopd

BUGTRAQ - 20031205 [Fwd: Security Alert; possible buffer overflow in all Mathopd versions]


Last Updated: 27 May 2016 10:38:17