PT-2003-1570 · Tenable · Nessus
Sir Mordred
·
Publicado
2003-06-06
·
Atualizado
2016-10-18
·
CVE-2003-0373
CVSS v2.0
4.4
Média
| Vetor | AV:L/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
Nessus versions prior to 2.0.6
Description:
The issue is related to multiple buffer overflows in the libnasl component. These overflows can be triggered by local users with plugin upload privileges, potentially leading to a denial of service (core dump) and possibly the execution of arbitrary code. This can occur through various means, including a long
proto argument to the scanner add port function, a long user argument to the ftp log in function, or a long pass argument to the ftp log in function.Recommendations:
For Nessus versions prior to 2.0.6, update to version 2.0.6 or later to resolve the issue.
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Nessus