Vulnerability Details : CVE-2003-0057
Multiple buffer overflows in Hypermail 2 before 2.1.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code (1) via a long attachment filename that is not properly handled by the hypermail executable, or (2) by connecting to the mail CGI program from an IP address that reverse-resolves to a long hostname.
Vulnerability category: Execute codeDenial of service
Products affected by CVE-2003-0057
- cpe:2.3:a:hypermail:hypermail:2.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:hypermail:hypermail:2.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:hypermail:hypermail:2.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:hypermail:hypermail:2.1_.0:*:*:*:*:*:*:*
- cpe:2.3:a:hypermail:hypermail:2.0b25:*:*:*:*:*:*:*
- cpe:2.3:a:hypermail:hypermail:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:hypermail:hypermail:2.1.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2003-0057
4.36%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 88 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2003-0057
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2003-0057
-
http://www.securityfocus.com/bid/6690
-
http://www.securityfocus.com/bid/6689
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/11157
Hypermail long mail attachment buffer overflow CVE-2003-0057 Vulnerability Report
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/11158
-
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0042.html
-
http://secunia.com/advisories/8030
-
http://www.debian.org/security/2003/dsa-248
Debian -- The Universal Operating System
-
http://marc.info/?l=bugtraq&m=104369136703903&w=2
'Hypermail buffer overflows' - MARC
Jump to