Vulnerability Details CVE-2003-0041
Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.7%
CVSS Severity
CVSS v2 Score 10.0
References
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0047.html
- http://secunia.com/advisories/7979
- http://secunia.com/advisories/8114
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:021
- http://www.redhat.com/support/errata/RHSA-2003-020.html
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0047.html
- http://secunia.com/advisories/7979
- http://secunia.com/advisories/8114
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:021
- http://www.redhat.com/support/errata/RHSA-2003-020.html
Products affected by CVE-2003-0041
-
cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2
-
cpe:2.3:a:mit:kerberos_ftp_client:-
-
cpe:2.3:o:mandrakesoft:mandrake_linux:8.1
-
cpe:2.3:o:mandrakesoft:mandrake_linux:8.2
-
cpe:2.3:o:mandrakesoft:mandrake_linux:9.0
-
cpe:2.3:o:redhat:linux:6.2
-
cpe:2.3:o:redhat:linux:7.0
-
cpe:2.3:o:redhat:linux:7.1
-
cpe:2.3:o:redhat:linux:7.2
-
cpe:2.3:o:redhat:linux:7.3
-
cpe:2.3:o:redhat:linux:8.0