PT-2000-1676 · University Of Minnesota · Gopherd
Publicado
2000-10-20
·
Atualizado
2008-09-05
·
CVE-2000-0743
CVSS v2.0
10
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
University of Minnesota (UMN) gopherd versions 2.x
Description
A buffer overflow issue exists, allowing remote attackers to execute arbitrary commands. This is achieved via a DES key generation request (GDESkey) that contains a long
ticket value.Recommendations
For University of Minnesota (UMN) gopherd versions 2.x, consider disabling the GDESkey request handling until a patch is available to prevent exploitation of the buffer overflow issue.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Gopherd