Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
14 vulnerabilities by sane
CVE-2003-0773 (GCVE-0-2003-0773)
Vulnerability from nvd – Published: 2003-09-12 04:00 – Updated: 2024-08-08 02:05
VLAI
Summary
saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANE_NET_INIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.redhat.com/support/errata/RHSA-2003-278.html | vendor-advisoryx_refsource_REDHAT |
| ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Ser… | vendor-advisoryx_refsource_SCO |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
| http://www.securityfocus.com/bid/8595 | vdb-entryx_refsource_BID |
| http://www.redhat.com/support/errata/RHSA-2003-285.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/8593 | vdb-entryx_refsource_BID |
| http://www.debian.org/security/2003/dsa-379 | vendor-advisoryx_refsource_DEBIAN |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
Date Public
2003-09-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "8595",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8595"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-09-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANE_NET_INIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-10-09T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "8595",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8595"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0773",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANE_NET_INIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2003:278",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "8595",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8595"
},
{
"name": "RHSA-2003:285",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0773",
"datePublished": "2003-09-12T04:00:00.000Z",
"dateReserved": "2003-09-10T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:05:12.565Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0775 (GCVE-0-2003-0775)
Vulnerability from nvd – Published: 2003-09-12 04:00 – Updated: 2024-08-08 02:05
VLAI
Summary
saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection is dropped before the size value has been sent, which allows remote attackers to cause a denial of service (memory consumption or crash).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.redhat.com/support/errata/RHSA-2003-278.html | vendor-advisoryx_refsource_REDHAT |
| ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Ser… | vendor-advisoryx_refsource_SCO |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
| http://www.securityfocus.com/bid/8600 | vdb-entryx_refsource_BID |
| http://www.redhat.com/support/errata/RHSA-2003-285.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/8593 | vdb-entryx_refsource_BID |
| http://www.debian.org/security/2003/dsa-379 | vendor-advisoryx_refsource_DEBIAN |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
Date Public
2003-09-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "8600",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8600"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-09-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection is dropped before the size value has been sent, which allows remote attackers to cause a denial of service (memory consumption or crash)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-10-09T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "8600",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8600"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0775",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection is dropped before the size value has been sent, which allows remote attackers to cause a denial of service (memory consumption or crash)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2003:278",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "8600",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8600"
},
{
"name": "RHSA-2003:285",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0775",
"datePublished": "2003-09-12T04:00:00.000Z",
"dateReserved": "2003-09-10T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:05:12.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0777 (GCVE-0-2003-0777)
Vulnerability from nvd – Published: 2003-09-12 04:00 – Updated: 2024-08-08 02:05
VLAI
Summary
saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service (segmentation fault).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/8597 | vdb-entryx_refsource_BID |
| http://www.redhat.com/support/errata/RHSA-2003-278.html | vendor-advisoryx_refsource_REDHAT |
| ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Ser… | vendor-advisoryx_refsource_SCO |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
| http://www.redhat.com/support/errata/RHSA-2003-285.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/8593 | vdb-entryx_refsource_BID |
| http://www.debian.org/security/2003/dsa-379 | vendor-advisoryx_refsource_DEBIAN |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
Date Public
2003-09-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "8597",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8597"
},
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-09-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service (segmentation fault)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-10-09T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "8597",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8597"
},
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0777",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service (segmentation fault)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "8597",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8597"
},
{
"name": "RHSA-2003:278",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0777",
"datePublished": "2003-09-12T04:00:00.000Z",
"dateReserved": "2003-09-10T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:05:12.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0776 (GCVE-0-2003-0776)
Vulnerability from nvd – Published: 2003-09-12 04:00 – Updated: 2024-08-08 02:05
VLAI
Summary
saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.redhat.com/support/errata/RHSA-2003-278.html | vendor-advisoryx_refsource_REDHAT |
| ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Ser… | vendor-advisoryx_refsource_SCO |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
| http://www.redhat.com/support/errata/RHSA-2003-285.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/8593 | vdb-entryx_refsource_BID |
| http://www.debian.org/security/2003/dsa-379 | vendor-advisoryx_refsource_DEBIAN |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
Date Public
2003-09-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.507Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-09-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "saned in sane-backends 1.0.7 and earlier does not properly \"check the validity of the RPC numbers it gets before getting the parameters,\" with unknown consequences."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-10-09T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0776",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "saned in sane-backends 1.0.7 and earlier does not properly \"check the validity of the RPC numbers it gets before getting the parameters,\" with unknown consequences."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2003:278",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0776",
"datePublished": "2003-09-12T04:00:00.000Z",
"dateReserved": "2003-09-10T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:05:12.507Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0774 (GCVE-0-2003-0774)
Vulnerability from nvd – Published: 2003-09-12 04:00 – Updated: 2024-08-08 02:05
VLAI
Summary
saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service (segmentation fault) when invalid memory is accessed.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.redhat.com/support/errata/RHSA-2003-278.html | vendor-advisoryx_refsource_REDHAT |
| ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Ser… | vendor-advisoryx_refsource_SCO |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
| http://www.redhat.com/support/errata/RHSA-2003-285.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/8593 | vdb-entryx_refsource_BID |
| http://www.debian.org/security/2003/dsa-379 | vendor-advisoryx_refsource_DEBIAN |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
Date Public
2003-09-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.545Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-09-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service (segmentation fault) when invalid memory is accessed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-10-09T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0774",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service (segmentation fault) when invalid memory is accessed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2003:278",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0774",
"datePublished": "2003-09-12T04:00:00.000Z",
"dateReserved": "2003-09-10T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:05:12.545Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0778 (GCVE-0-2003-0778)
Vulnerability from nvd – Published: 2003-09-12 04:00 – Updated: 2024-08-08 02:05
VLAI
Summary
saned in sane-backends 1.0.7 and earlier, and possibly later versions, does not properly allocate memory in certain cases, which could allow attackers to cause a denial of service (memory consumption).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.redhat.com/support/errata/RHSA-2003-278.html | vendor-advisoryx_refsource_REDHAT |
| ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Ser… | vendor-advisoryx_refsource_SCO |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
| http://www.redhat.com/support/errata/RHSA-2003-285.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/8593 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/bid/8596 | vdb-entryx_refsource_BID |
| http://www.debian.org/security/2003/dsa-379 | vendor-advisoryx_refsource_DEBIAN |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
Date Public
2003-09-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "8596",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8596"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-09-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "saned in sane-backends 1.0.7 and earlier, and possibly later versions, does not properly allocate memory in certain cases, which could allow attackers to cause a denial of service (memory consumption)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-10-09T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "8596",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8596"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0778",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "saned in sane-backends 1.0.7 and earlier, and possibly later versions, does not properly allocate memory in certain cases, which could allow attackers to cause a denial of service (memory consumption)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2003:278",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "8596",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8596"
},
{
"name": "DSA-379",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0778",
"datePublished": "2003-09-12T04:00:00.000Z",
"dateReserved": "2003-09-10T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:05:12.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0890 (GCVE-0-2001-0890)
Vulnerability from nvd – Published: 2002-07-23 04:00 – Updated: 2024-08-08 04:37
VLAI
Summary
Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.iss.net/security_center/static/7714.php | vdb-entryx_refsource_XF |
| http://rhn.redhat.com/errata/RHSA-2001-171.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/3987 | vdb-entryx_refsource_BID |
Date Public
2001-12-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:37:06.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "xsane-temp-symlink(7714)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7714.php"
},
{
"name": "RHSA-2001:171",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2001-171.html"
},
{
"name": "3987",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3987"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-12-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-07-26T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "xsane-temp-symlink(7714)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7714.php"
},
{
"name": "RHSA-2001:171",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2001-171.html"
},
{
"name": "3987",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3987"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0890",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "xsane-temp-symlink(7714)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7714.php"
},
{
"name": "RHSA-2001:171",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2001-171.html"
},
{
"name": "3987",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3987"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0890",
"datePublished": "2002-07-23T04:00:00.000Z",
"dateReserved": "2001-12-21T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:37:06.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0773 (GCVE-0-2003-0773)
Vulnerability from cvelistv5 – Published: 2003-09-12 04:00 – Updated: 2024-08-08 02:05
VLAI
Summary
saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANE_NET_INIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.redhat.com/support/errata/RHSA-2003-278.html | vendor-advisoryx_refsource_REDHAT |
| ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Ser… | vendor-advisoryx_refsource_SCO |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
| http://www.securityfocus.com/bid/8595 | vdb-entryx_refsource_BID |
| http://www.redhat.com/support/errata/RHSA-2003-285.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/8593 | vdb-entryx_refsource_BID |
| http://www.debian.org/security/2003/dsa-379 | vendor-advisoryx_refsource_DEBIAN |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
Date Public
2003-09-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "8595",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8595"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-09-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANE_NET_INIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-10-09T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "8595",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8595"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0773",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANE_NET_INIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2003:278",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "8595",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8595"
},
{
"name": "RHSA-2003:285",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0773",
"datePublished": "2003-09-12T04:00:00.000Z",
"dateReserved": "2003-09-10T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:05:12.565Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0775 (GCVE-0-2003-0775)
Vulnerability from cvelistv5 – Published: 2003-09-12 04:00 – Updated: 2024-08-08 02:05
VLAI
Summary
saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection is dropped before the size value has been sent, which allows remote attackers to cause a denial of service (memory consumption or crash).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.redhat.com/support/errata/RHSA-2003-278.html | vendor-advisoryx_refsource_REDHAT |
| ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Ser… | vendor-advisoryx_refsource_SCO |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
| http://www.securityfocus.com/bid/8600 | vdb-entryx_refsource_BID |
| http://www.redhat.com/support/errata/RHSA-2003-285.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/8593 | vdb-entryx_refsource_BID |
| http://www.debian.org/security/2003/dsa-379 | vendor-advisoryx_refsource_DEBIAN |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
Date Public
2003-09-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "8600",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8600"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-09-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection is dropped before the size value has been sent, which allows remote attackers to cause a denial of service (memory consumption or crash)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-10-09T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "8600",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8600"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0775",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection is dropped before the size value has been sent, which allows remote attackers to cause a denial of service (memory consumption or crash)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2003:278",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "8600",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8600"
},
{
"name": "RHSA-2003:285",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0775",
"datePublished": "2003-09-12T04:00:00.000Z",
"dateReserved": "2003-09-10T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:05:12.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0777 (GCVE-0-2003-0777)
Vulnerability from cvelistv5 – Published: 2003-09-12 04:00 – Updated: 2024-08-08 02:05
VLAI
Summary
saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service (segmentation fault).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/8597 | vdb-entryx_refsource_BID |
| http://www.redhat.com/support/errata/RHSA-2003-278.html | vendor-advisoryx_refsource_REDHAT |
| ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Ser… | vendor-advisoryx_refsource_SCO |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
| http://www.redhat.com/support/errata/RHSA-2003-285.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/8593 | vdb-entryx_refsource_BID |
| http://www.debian.org/security/2003/dsa-379 | vendor-advisoryx_refsource_DEBIAN |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
Date Public
2003-09-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "8597",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8597"
},
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-09-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service (segmentation fault)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-10-09T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "8597",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8597"
},
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0777",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service (segmentation fault)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "8597",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8597"
},
{
"name": "RHSA-2003:278",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0777",
"datePublished": "2003-09-12T04:00:00.000Z",
"dateReserved": "2003-09-10T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:05:12.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0776 (GCVE-0-2003-0776)
Vulnerability from cvelistv5 – Published: 2003-09-12 04:00 – Updated: 2024-08-08 02:05
VLAI
Summary
saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.redhat.com/support/errata/RHSA-2003-278.html | vendor-advisoryx_refsource_REDHAT |
| ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Ser… | vendor-advisoryx_refsource_SCO |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
| http://www.redhat.com/support/errata/RHSA-2003-285.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/8593 | vdb-entryx_refsource_BID |
| http://www.debian.org/security/2003/dsa-379 | vendor-advisoryx_refsource_DEBIAN |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
Date Public
2003-09-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.507Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-09-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "saned in sane-backends 1.0.7 and earlier does not properly \"check the validity of the RPC numbers it gets before getting the parameters,\" with unknown consequences."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-10-09T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0776",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "saned in sane-backends 1.0.7 and earlier does not properly \"check the validity of the RPC numbers it gets before getting the parameters,\" with unknown consequences."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2003:278",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0776",
"datePublished": "2003-09-12T04:00:00.000Z",
"dateReserved": "2003-09-10T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:05:12.507Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0774 (GCVE-0-2003-0774)
Vulnerability from cvelistv5 – Published: 2003-09-12 04:00 – Updated: 2024-08-08 02:05
VLAI
Summary
saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service (segmentation fault) when invalid memory is accessed.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.redhat.com/support/errata/RHSA-2003-278.html | vendor-advisoryx_refsource_REDHAT |
| ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Ser… | vendor-advisoryx_refsource_SCO |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
| http://www.redhat.com/support/errata/RHSA-2003-285.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/8593 | vdb-entryx_refsource_BID |
| http://www.debian.org/security/2003/dsa-379 | vendor-advisoryx_refsource_DEBIAN |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
Date Public
2003-09-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.545Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-09-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service (segmentation fault) when invalid memory is accessed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-10-09T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0774",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service (segmentation fault) when invalid memory is accessed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2003:278",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "DSA-379",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0774",
"datePublished": "2003-09-12T04:00:00.000Z",
"dateReserved": "2003-09-10T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:05:12.545Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0778 (GCVE-0-2003-0778)
Vulnerability from cvelistv5 – Published: 2003-09-12 04:00 – Updated: 2024-08-08 02:05
VLAI
Summary
saned in sane-backends 1.0.7 and earlier, and possibly later versions, does not properly allocate memory in certain cases, which could allow attackers to cause a denial of service (memory consumption).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.redhat.com/support/errata/RHSA-2003-278.html | vendor-advisoryx_refsource_REDHAT |
| ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Ser… | vendor-advisoryx_refsource_SCO |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
| http://www.redhat.com/support/errata/RHSA-2003-285.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/8593 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/bid/8596 | vdb-entryx_refsource_BID |
| http://www.debian.org/security/2003/dsa-379 | vendor-advisoryx_refsource_DEBIAN |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
Date Public
2003-09-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "8596",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8596"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-09-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "saned in sane-backends 1.0.7 and earlier, and possibly later versions, does not properly allocate memory in certain cases, which could allow attackers to cause a denial of service (memory consumption)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-10-09T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2003:278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "8596",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8596"
},
{
"name": "DSA-379",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0778",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "saned in sane-backends 1.0.7 and earlier, and possibly later versions, does not properly allocate memory in certain cases, which could allow attackers to cause a denial of service (memory consumption)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2003:278",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-278.html"
},
{
"name": "CSSA-2004-005.0",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt"
},
{
"name": "SuSE-SA:2003:046",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2003_046_sane.html"
},
{
"name": "RHSA-2003:285",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-285.html"
},
{
"name": "8593",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8593"
},
{
"name": "8596",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8596"
},
{
"name": "DSA-379",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-379"
},
{
"name": "MDKSA-2003:099",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:099"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0778",
"datePublished": "2003-09-12T04:00:00.000Z",
"dateReserved": "2003-09-10T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:05:12.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0890 (GCVE-0-2001-0890)
Vulnerability from cvelistv5 – Published: 2002-07-23 04:00 – Updated: 2024-08-08 04:37
VLAI
Summary
Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.iss.net/security_center/static/7714.php | vdb-entryx_refsource_XF |
| http://rhn.redhat.com/errata/RHSA-2001-171.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/3987 | vdb-entryx_refsource_BID |
Date Public
2001-12-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:37:06.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "xsane-temp-symlink(7714)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7714.php"
},
{
"name": "RHSA-2001:171",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2001-171.html"
},
{
"name": "3987",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3987"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-12-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-07-26T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "xsane-temp-symlink(7714)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7714.php"
},
{
"name": "RHSA-2001:171",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2001-171.html"
},
{
"name": "3987",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3987"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0890",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "xsane-temp-symlink(7714)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7714.php"
},
{
"name": "RHSA-2001:171",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2001-171.html"
},
{
"name": "3987",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3987"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0890",
"datePublished": "2002-07-23T04:00:00.000Z",
"dateReserved": "2001-12-21T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:37:06.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}