fkie_cve-2003-0575
Vulnerability from fkie_nvd
Published
2003-08-27 04:00
Modified
2024-11-20 23:45
Severity ?
Summary
Heap-based buffer overflow in the name services daemon (nsd) in SGI IRIX 6.5.x through 6.5.21f, and possibly earlier versions, allows attackers to gain root privileges via the AUTH_UNIX gid list.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sgi | irix | 6.5 | |
| sgi | irix | 6.5.1 | |
| sgi | irix | 6.5.2 | |
| sgi | irix | 6.5.3 | |
| sgi | irix | 6.5.4 | |
| sgi | irix | 6.5.5 | |
| sgi | irix | 6.5.6 | |
| sgi | irix | 6.5.7 | |
| sgi | irix | 6.5.8 | |
| sgi | irix | 6.5.9 | |
| sgi | irix | 6.5.10 | |
| sgi | irix | 6.5.11 | |
| sgi | irix | 6.5.12 | |
| sgi | irix | 6.5.13 | |
| sgi | irix | 6.5.14 | |
| sgi | irix | 6.5.15 | |
| sgi | irix | 6.5.16 | |
| sgi | irix | 6.5.17 | |
| sgi | irix | 6.5.17f | |
| sgi | irix | 6.5.17m | |
| sgi | irix | 6.5.18 | |
| sgi | irix | 6.5.18f | |
| sgi | irix | 6.5.18m | |
| sgi | irix | 6.5.19 | |
| sgi | irix | 6.5.19f | |
| sgi | irix | 6.5.19m | |
| sgi | irix | 6.5.20 | |
| sgi | irix | 6.5.20f | |
| sgi | irix | 6.5.20m | |
| sgi | irix | 6.5.21 | |
| sgi | irix | 6.5.21f | |
| sgi | irix | 6.5.21m |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36B60E50-4F5A-4404-BEA3-C94F7D27B156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6ECB750B-9F53-4DB6-8B26-71BCCA446FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "440B7208-34DB-4898-8461-4E703F7EDFB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5663579C-3AD2-4E5B-A595-C8DB984F9C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D07AA144-6FD7-4C80-B4F2-D21C1AFC864A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "29113D8E-9618-4A0E-9157-678332082858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "313613E9-4837-433C-90EE-84A92E8D24E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "41AA1290-5039-406F-B195-3A4C018202D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "60CC9410-F6B8-4748-B76F-30626279028E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC67401-C85A-4E4E-AE61-85FEBBF4346B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4427AC-07C1-4765-981B-B5D86D698C2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "63EF0CEE-74A9-45C8-8AFD-77815230ACC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "5B24D34C-1F95-45C8-9A57-2D2622ED9019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD69805-D021-4DCC-9FB6-A0BEA721408A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "B13C07CC-F615-4F30-B532-4BF6F02F84DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8BE3F77A-909E-4947-A808-BCAB7F96A108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.17f:*:*:*:*:*:*:*",
"matchCriteriaId": "EED22734-8AAC-4897-BB71-438E19B8A005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.17m:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA9C28F-18E6-4199-9740-FAB00563EBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F1E3C7-0FDD-46E1-8748-6A5FF669C95C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.18f:*:*:*:*:*:*:*",
"matchCriteriaId": "C6E63313-9533-478D-ACC0-C050FBA3EACF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.18m:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0A7D5D-BDD9-45F8-9BE7-3B01D70C8CC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "2334FD6C-444F-4042-AF6D-D654C18C9950",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.19f:*:*:*:*:*:*:*",
"matchCriteriaId": "61370032-AB21-4E93-B143-A92A342AFB1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.19m:*:*:*:*:*:*:*",
"matchCriteriaId": "C833FC19-D913-4C62-B14A-E1B3845D0275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.20:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFCB9A7-9121-4FAE-B6FA-96C3A023ACEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.20f:*:*:*:*:*:*:*",
"matchCriteriaId": "B90188D6-6C57-45C2-B266-50D65B4D33E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.20m:*:*:*:*:*:*:*",
"matchCriteriaId": "39DD839E-159B-43FD-A1E6-A22EE658BEE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "E2C1514F-A4DD-462C-9955-2AD8CF5B7F14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.21f:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9CF799-3B52-4694-A706-37FA08EC9ABF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.21m:*:*:*:*:*:*:*",
"matchCriteriaId": "4E5A5AD7-F8AD-448F-8125-ACB0E7BA0A4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the name services daemon (nsd) in SGI IRIX 6.5.x through 6.5.21f, and possibly earlier versions, allows attackers to gain root privileges via the AUTH_UNIX gid list."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en el mont\u00f3n en el demonio de servicios de nombre (nsd) en SGI IRIX 6.5.x a 6.5.21f, y posiblemente versiones anteriores, permite a atacantes ganar privilegios de root mediante la lista gid AUTH_UNIX."
}
],
"id": "CVE-2003-0575",
"lastModified": "2024-11-20T23:45:03.047",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-08-27T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030704-01-P"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=105958240709302\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/9390"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/n-130.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/682900"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/2337"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/8304"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030704-01-P"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=105958240709302\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/9390"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/n-130.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/682900"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/2337"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/8304"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12763"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.