CVE-2003-0693 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2003-0693
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2003-0693

Description: A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CVE-2003-0695.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/13191 TRUSTIX http://marc.theaimsgroup.com/?l=bugtraq&m=106381396120332&w=2 SUSE REDHAT http://marc.theaimsgroup.com/?l=bugtraq&m=106373546332230&w=2 http://www.redhat.com/support/errata/RHSA-2003-280.html OVAL http://oval.mitre.org/oval/definitions/data/oval447.html http://oval.mitre.org/oval/definitions/data/oval2719.html MANDRAKE http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:090 IMMUNIX FULLDISC http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010146.html http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010135.html http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010103.html FREEBSD ENGARDE DEBIAN http://www.debian.org/security/2003/dsa-383 http://www.debian.org/security/2003/dsa-382 CONFIRM http://www.openssh.com/txt/buffer.adv CERT-VN 333628 CERT http://www.cert.org/advisories/CA-2003-24.html BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=106381409220492&w=2 http://marc.theaimsgroup.com/?l=bugtraq&m=106373247528528&w=2 http://marc.theaimsgroup.com/?l=bugtraq&m=106374466212309&w=2

Return to the previous page.