PT-2003-1025 · Noffle+1 · Noffle+2

Published

2003-01-29

Updated

2017-07-11

CVE-2003-0037

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions noffle news server version 1.0.1 and earlier noffle (affected versions not specified)

Description The issue concerns buffer overflows in the noffle news server, allowing remote attackers to cause a denial of service and possibly execute arbitrary code. Multiple vulnerabilities in the noffle package of the Debian GNU/Linux operating system can lead to breaches of confidentiality, integrity, and availability of protected information, with exploitation possible remotely.

Recommendations For noffle news server version 1.0.1 and earlier, update to a version later than 1.0.1 to resolve the issue. For noffle, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

BDU:2015-03353

CVE-2003-0037

DSA-244

Affected Products

Debian

Noffle

Noffle News Server

PT-2003-1025 · Noffle+1 · Noffle+2

CVE-2003-0037

Related Identifiers

Affected Products

References · 8