CVE-2004-0045

Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 may allow remote attackers to execute arbitrary code.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://archives.neohapsis.com/archives/bugtraq/2004-01/0063.html	Patch Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2004-01/0064.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/9382	Patch Vendor Advisory
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.365791
http://www.kb.cert.org/vuls/id/759020	US Government Resource
http://secunia.com/advisories/10578
https://exchange.xforce.ibmcloud.com/vulnerabilities/14190

Configurations

Configuration 1 (hide)

cpe:2.3:a:isc:inn:2.4.0:*:*:*:*:*:*:*

Information

Published : 2004-02-02 21:00

Updated : 2017-10-09 18:30

NVD link : CVE-2004-0045

Mitre link : CVE-2004-0045

JSON object : View

CWE

NVD-CWE-Other

Products Affected

isc

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2004-01/0063.html", "name": "20040107 [SECURITY] INN: Buffer overflow in control message handling", "tags": ["Patch", "Vendor Advisory"], "refsource": "BUGTRAQ"}, {"url": "http://archives.neohapsis.com/archives/bugtraq/2004-01/0064.html", "name": "20040108 [OpenPKG-SA-2004.001] OpenPKG Security Advisory (inn)", "tags": ["Patch", "Vendor Advisory"], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/bid/9382", "name": "9382", "tags": ["Patch", "Vendor Advisory"], "refsource": "BID"}, {"url": "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.365791", "name": "SSA:2004-014-02", "tags": [], "refsource": "SLACKWARE"}, {"url": "http://www.kb.cert.org/vuls/id/759020", "name": "VU#759020", "tags": ["US Government Resource"], "refsource": "CERT-VN"}, {"url": "http://secunia.com/advisories/10578", "name": "10578", "tags": [], "refsource": "SECUNIA"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14190", "name": "inn-artpost-control-message-bo(14190)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 may allow remote attackers to execute arbitrary code."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2004-0045", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2004-02-03T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:isc:inn:2.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-10-10T01:30Z"}

7.5 /10