VAR-200312-0205
Vulnerability from variot - Updated: 2023-12-18 13:45Buffer overflow in IBM Tivoli Firewall Toolbox (TFST) 1.2 allows remote attackers to execute arbitrary code via unknown vectors. A vulnerability in the Tivoli Firewall Toolbox version 1.2 has been discovered that can lead to remote unauthorized compromise of the environment with in the firewall system. The problem exists because the Firewall Security Toolbox relay daemon fails to perform adequate bounds checking on received data. The relay daemon process included in TFST listens to the TCP network socket. When storing data from the Tivoli node to the memory buffer, no boundary check operation is performed. If a forged Tivoli node provides a large amount of data, it can Buffer overflow occurs in the Relay daemon program, and important program control data in the control stack can cause arbitrary instructions to be executed on the system with the Relay process authority. Under the Unix platform, the \'\'nobody\'\' authority is generally used
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200312-0205",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tivoli firewall toolbox",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "1.2"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tivoli",
"version": null
},
{
"model": "tivoli firewall security toolbox",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "tivoli firewall security toolbox",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#210937"
},
{
"db": "BID",
"id": "7154"
},
{
"db": "NVD",
"id": "CVE-2003-1104"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-268"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ibm:tivoli_firewall_toolbox:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-1104"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Niels Heinen\u203b niels.heinen@ubizen.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200312-268"
}
],
"trust": 0.6
},
"cve": "CVE-2003-1104",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-7929",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-1104",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#210937",
"trust": 0.8,
"value": "10.31"
},
{
"author": "CNNVD",
"id": "CNNVD-200312-268",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-7929",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#210937"
},
{
"db": "VULHUB",
"id": "VHN-7929"
},
{
"db": "NVD",
"id": "CVE-2003-1104"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-268"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in IBM Tivoli Firewall Toolbox (TFST) 1.2 allows remote attackers to execute arbitrary code via unknown vectors. A vulnerability in the Tivoli Firewall Toolbox version 1.2 has been discovered that can lead to remote unauthorized compromise of the environment with in the firewall system. The problem exists because the Firewall Security Toolbox relay daemon fails to perform adequate bounds checking on received data. The relay daemon process included in TFST listens to the TCP network socket. When storing data from the Tivoli node to the memory buffer, no boundary check operation is performed. If a forged Tivoli node provides a large amount of data, it can Buffer overflow occurs in the Relay daemon program, and important program control data in the control stack can cause arbitrary instructions to be executed on the system with the Relay process authority. Under the Unix platform, the \\\u0027\\\u0027nobody\\\u0027\\\u0027 authority is generally used",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-1104"
},
{
"db": "CERT/CC",
"id": "VU#210937"
},
{
"db": "BID",
"id": "7154"
},
{
"db": "VULHUB",
"id": "VHN-7929"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#210937",
"trust": 2.5
},
{
"db": "BID",
"id": "7154",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "8349",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2003-1104",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200312-268",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20030320 IBM TIVOLI FIREWALL SECURITY TOOLBOX BUFFER OVERFLOW VULNERABILITY",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "4583",
"trust": 0.6
},
{
"db": "XF",
"id": "11584",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-7929",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#210937"
},
{
"db": "VULHUB",
"id": "VHN-7929"
},
{
"db": "BID",
"id": "7154"
},
{
"db": "NVD",
"id": "CVE-2003-1104"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-268"
}
]
},
"id": "VAR-200312-0205",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-7929"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:45:32.933000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-1104"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/7154"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-03/0307.html"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/210937"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/8349"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11584"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/11584"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/4583"
},
{
"trust": 0.3,
"url": "http://www-3.ibm.com/software/tivoli/"
},
{
"trust": 0.3,
"url": "/archive/1/315733"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#210937"
},
{
"db": "VULHUB",
"id": "VHN-7929"
},
{
"db": "BID",
"id": "7154"
},
{
"db": "NVD",
"id": "CVE-2003-1104"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-268"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#210937"
},
{
"db": "VULHUB",
"id": "VHN-7929"
},
{
"db": "BID",
"id": "7154"
},
{
"db": "NVD",
"id": "CVE-2003-1104"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-268"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-03-19T00:00:00",
"db": "CERT/CC",
"id": "VU#210937"
},
{
"date": "2003-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-7929"
},
{
"date": "2003-03-20T00:00:00",
"db": "BID",
"id": "7154"
},
{
"date": "2003-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2003-1104"
},
{
"date": "2003-03-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200312-268"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-03-19T00:00:00",
"db": "CERT/CC",
"id": "VU#210937"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-7929"
},
{
"date": "2003-03-20T00:00:00",
"db": "BID",
"id": "7154"
},
{
"date": "2017-07-11T01:29:44.727000",
"db": "NVD",
"id": "CVE-2003-1104"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200312-268"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200312-268"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Tivoli Firewall Toolbox contains vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#210937"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "7154"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-268"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…