PT-2003-1068 · Gnu+2 · Fileutils+2
Georgi Guninski · Published 2003-10-25 · Updated 2008-09-10 · CVE-2003-0853
CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions
fileutils versions 4.0.36 through 4.1.9
Description
The issue is an integer overflow in the ls command that potentially allows local users to cause a denial of service or execute arbitrary code via a large -w value. It could also be exploited remotely through applications that use ls, such as wu-ftpd. Multiple vulnerabilities in the fileutils package of Red Hat Linux may disrupt the availability of protected information, and these vulnerabilities can be exploited remotely.
Recommendations
For fileutils versions 4.0.36 through 4.1.9, consider disabling the ls command or restricting its use until a patch is available.
As a temporary workaround, avoid using the -w option with large values in the ls command to minimize the risk of exploitation.
Restrict access to applications that use the ls command, such as wu-ftpd, to minimize the risk of remote exploitation.
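The description attributes the flaw to an integer overflow reached through a large -w value. The C below is an added example, not fileutils code and not the actual fix: it shows one way to range-check a width argument before use and to guard a size multiplication against wrap-around. The names `parse_width` and `table_bytes` and the 4096 cap are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Assumed policy cap for this example; not a value taken from fileutils. */
#define WIDTH_CAP 4096UL

/* Parse a -w style argument.
   Returns 0 and stores the width on success, or -1 if the text is not a
   plain decimal number in the range 1..WIDTH_CAP. */
int parse_width(const char *arg, size_t *out)
{
    char *end;
    unsigned long v;

    /* strtoul() silently accepts signs and leading blanks; reject them. */
    if (arg == NULL || *arg < '0' || *arg > '9')
        return -1;

    errno = 0;
    v = strtoul(arg, &end, 10);
    if (errno == ERANGE || *end != '\0')
        return -1;              /* too big for unsigned long, or trailing junk */
    if (v == 0 || v > WIDTH_CAP)
        return -1;              /* outside the accepted range */

    *out = (size_t)v;
    return 0;
}

/* Compute count * elem bytes for an allocation.
   Returns 0 on success, or -1 if the product would wrap around SIZE_MAX. */
int table_bytes(size_t count, size_t elem, size_t *out)
{
    if (elem != 0 && count > SIZE_MAX / elem)
        return -1;
    *out = count * elem;
    return 0;
}
```
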
Affected Products
Red Hat
Fileutils
Wu-Ftpd