Vulnerability Details CVE-2003-0850
The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause "memory corruption" and possibly execute arbitrary code via "overlarge TCP packets."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.028
EPSS Ranking 85.4%
CVSS Severity
CVSS v2 Score 7.5
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000773
- http://marc.info/?l=bugtraq&m=106728224210446&w=2
- http://secunia.com/advisories/10543
- http://sourceforge.net/project/shownotes.php?release_id=191323
- http://www.debian.org/security/2004/dsa-410
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000773
- http://marc.info/?l=bugtraq&m=106728224210446&w=2
- http://secunia.com/advisories/10543
- http://sourceforge.net/project/shownotes.php?release_id=191323
- http://www.debian.org/security/2004/dsa-410
Products affected by CVE-2003-0850
-
cpe:2.3:a:dug_song:dsniff:2.3
-
cpe:2.3:a:rafal_wojtczuk:libnids:1.11
-
cpe:2.3:a:rafal_wojtczuk:libnids:1.12
-
cpe:2.3:a:rafal_wojtczuk:libnids:1.13
-
cpe:2.3:a:rafal_wojtczuk:libnids:1.14
-
cpe:2.3:a:rafal_wojtczuk:libnids:1.16
-
cpe:2.3:a:rafal_wojtczuk:libnids:1.17