CVE-2003-0124 - OpenCVE

man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value "unsafe," which is then executed as a program via a system call if it is in the search path of the user who runs man.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Andries Brouwer	Man

Configuration 1 [-]

OR	cpe:2.3:a:andries_brouwer:man:1.5h1:::::::*
	cpe:2.3:a:andries_brouwer:man:1.5i:::::::*
	cpe:2.3:a:andries_brouwer:man:1.5i2:::::::*
	cpe:2.3:a:andries_brouwer:man:1.5j:::::::*
	cpe:2.3:a:andries_brouwer:man:1.5k:::::::*

References

Link	Resource
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000620
http://marc.info/?l=bugtraq&m=104740927915154&w=2
http://marc.info/?l=bugtraq&m=104802285112752&w=2
http://www.redhat.com/support/errata/RHSA-2003-133.html
http://www.redhat.com/support/errata/RHSA-2003-134.html
http://www.securityfocus.com/bid/7066	Exploit Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/11512

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2004-09-01T04:00:00

Updated: 2004-08-11T00:00:00

Reserved: 2003-03-12T00:00:00

Link: CVE-2003-0124

JSON object: View

NVD Information

Status : Modified

Published: 2003-03-18T05:00:00.000

Modified: 2017-10-10T01:30:14.500

Link: CVE-2003-0124

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2003-03-11T00:00:00", "descriptions": [{"lang": "en", "value": "man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value \"unsafe,\" which is then executed as a program via a system call if it is in the search path of the user who runs man."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2004-08-11T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20030311 Vulnerability in man < 1.5l", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=104740927915154&w=2"}, {"name": "man-myxsprintf-code-execution(11512)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11512"}, {"name": "CLSA-2003:620", "tags": ["vendor-advisory", "x_refsource_CONECTIVA"], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000620"}, {"name": "7066", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/7066"}, {"name": "RHSA-2003:134", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2003-134.html"}, {"name": "GLSA-200303-13", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://marc.info/?l=bugtraq&m=104802285112752&w=2"}, {"name": "RHSA-2003:133", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2003-133.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0124", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value \"unsafe,\" which is then executed as a program via a system call if it is in the search path of the user who runs man."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20030311 Vulnerability in man < 1.5l", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=104740927915154&w=2"}, {"name": "man-myxsprintf-code-execution(11512)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11512"}, {"name": "CLSA-2003:620", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000620"}, {"name": "7066", "refsource": "BID", "url": "http://www.securityfocus.com/bid/7066"}, {"name": "RHSA-2003:134", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-134.html"}, {"name": "GLSA-200303-13", "refsource": "GENTOO", "url": "http://marc.info/?l=bugtraq&m=104802285112752&w=2"}, {"name": "RHSA-2003:133", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-133.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0124", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2003-03-12T00:00:00", "dateUpdated": "2004-08-11T00:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:andries_brouwer:man:1.5h1:*:*:*:*:*:*:*", "matchCriteriaId": "C6255D5B-2C0B-491F-B5E0-77D1F0E5C0DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:andries_brouwer:man:1.5i:*:*:*:*:*:*:*", "matchCriteriaId": "1BA4BFF6-A90C-43FE-AE11-7494A588EBB0", "vulnerable": true}, {"criteria": "cpe:2.3:a:andries_brouwer:man:1.5i2:*:*:*:*:*:*:*", "matchCriteriaId": "F6A56F3E-EA10-464B-ACD3-92B89471CA68", "vulnerable": true}, {"criteria": "cpe:2.3:a:andries_brouwer:man:1.5j:*:*:*:*:*:*:*", "matchCriteriaId": "8390CF3E-84F0-4D79-9DF9-7A7F19DDFC2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:andries_brouwer:man:1.5k:*:*:*:*:*:*:*", "matchCriteriaId": "DCD60C2A-A24C-40F1-8949-482B6A294DA7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value \"unsafe,\" which is then executed as a program via a system call if it is in the search path of the user who runs man."}, {"lang": "es", "value": "man anterior a 1.51 permite a atacantes ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero man con comillas mal colocadas, lo que causa que la funci\u00f3n my_xsprintf devuelva una cadena con el valor \"unsafe\", que es entonces ejecutado como un programa mediante una llamada al sistema si se encuentra en la ruta de b\u00fasqueda del usuario que ejecuta man."}], "id": "CVE-2003-0124", "lastModified": "2017-10-10T01:30:14.500", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2003-03-18T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000620"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=104740927915154&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=104802285112752&w=2"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-133.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-134.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/7066"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11512"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}