PT-2003-1889 · Umn · Gopherd

Vade79

Published

2003-09-19

Updated

2016-10-18

CVE-2003-0805

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: UMN gopher daemon (gopherd) versions 2.x through 3.0.5

Description: The issue is related to multiple buffer overflows that allow attackers to execute arbitrary code. This can be achieved via a long filename as a result of a LIST command, and through the GSisText function, which calculates the view-type.

Recommendations: For versions 2.x through 3.0.5, update to version 3.0.6 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-0805

DSA-387

Affected Products

Gopherd

PT-2003-1889 · Umn · Gopherd

CVE-2003-0805

Related Identifiers

Affected Products

References · 9