VDB
CVE-2003-0252
CVE-2003-0252
PUBLISHED
CVSS 10 CRITICAL
Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines.
EPSS 16.11% · 94.9th percentile
Risk Scores
CVSS 2.0
10
EPSS Score
16.11%
94.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| linux-nfs | nfs-utils | 0 |
Timeline
- Jul 15, 2003 CVE Published
- Sep 23, 2010 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- 1001262 vendor-advisory
- RHSA-2003:206 vendor-advisory
- 8179 vdb
- 20030716 Immunix Secured OS 7+ nfs-utils update -- bugtraq mailing-list
- http://isec.pl/vulnerabilities/isec-0010-linux-nfs-utils.txt url
- TLSA-2003-44 vendor-advisory
- RHSA-2003:207 vendor-advisory
- 20030714 Linux nfs-utils xlog() off-by-one bug mailing-list
- 1007187 vdb
- 20030714 Reality of the rpc.mountd bug mailing-list
- MDKSA-2003:076 vendor-advisory
- 20030714 Linux nfs-utils xlog() off-by-one bug mailing-list
- 20030715 [slackware-security] nfs-utils packages replaced (SSA:2003-195-01b) mailing-list
- 9259 third-party-advisory
- nfs-utils-offbyone-bo(12600) vdb
- oval:org.mitre.oval:def:443 vdb
- VU#258564 third-party-advisory
- SuSE-SA:2003:031 vendor-advisory
- DSA-349 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2003-0252 advisory