Vulnerability Details CVE-2005-3863
Stack-based buffer overflow in kkstrtext.h in ktools library 0.3 and earlier, as used in products such as (1) centericq, (2) orpheus, (3) motor, and (4) groan, allows local users or remote attackers to execute arbitrary code via a long parameter to the VGETSTRING macro.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.073
EPSS Ranking 91.2%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/17768
- http://secunia.com/advisories/18081
- http://secunia.com/advisories/20329
- http://secunia.com/advisories/20368
- http://secunia.com/advisories/20446
- http://secunia.com/advisories/21684
- http://security.gentoo.org/glsa/glsa-200512-11.xml
- http://security.gentoo.org/glsa/glsa-200608-27.xml
- http://www.debian.org/security/2006/dsa-1083
- http://www.debian.org/security/2006/dsa-1088
- http://www.osvdb.org/21161
- http://www.securityfocus.com/archive/1/417906/100/0/threaded
- http://www.securityfocus.com/bid/15600
- http://www.vupen.com/english/advisories/2005/2605
- http://www.vupen.com/english/advisories/2006/2062
- http://www.zone-h.org/en/advisories/read/id=8480/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23233
- http://secunia.com/advisories/17768
- http://secunia.com/advisories/18081
- http://secunia.com/advisories/20329
- http://secunia.com/advisories/20368
- http://secunia.com/advisories/20446
- http://secunia.com/advisories/21684
- http://security.gentoo.org/glsa/glsa-200512-11.xml
- http://security.gentoo.org/glsa/glsa-200608-27.xml
- http://www.debian.org/security/2006/dsa-1083
- http://www.debian.org/security/2006/dsa-1088
- http://www.osvdb.org/21161
- http://www.securityfocus.com/archive/1/417906/100/0/threaded
- http://www.securityfocus.com/bid/15600
- http://www.vupen.com/english/advisories/2005/2605
- http://www.vupen.com/english/advisories/2006/2062
- http://www.zone-h.org/en/advisories/read/id=8480/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23233