PT-2003-1866 · Sane · Sane-Backends

Published: 2003-09-12 · Updated: 2013-08-23 · CVE-2003-0773

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: sane-backends versions 1.0.7 and earlier
Description: The issue concerns the saned component in sane-backends, which fails to verify the IP address of the connecting host during the SANE_NET_INIT RPC call. This oversight allows remote attackers to exploit this call even if their access is restricted in the saned.conf configuration file.
Recommendations: For versions 1.0.7 and earlier, consider restricting access to the saned service to minimize the risk of exploitation until a patch is available. As a temporary workaround, review and tighten the restrictions in the saned.conf file to limit access to trusted hosts.

Fix


Related identifiers

CVE-2003-0773
DSA-379

Affected products

Sane-Backends