CVE-2003-0805

Multiple buffer overflows in UMN gopher daemon (gopherd) 2.x and 3.x before 3.0.6 allows attackers to execute arbitrary code via (1) a long filename as a result of a LIST command, and (2) the GSisText function, which calculates the view-type.

Published: Oct 6, 2003
Updated: Apr 13, 2023
CVE: CVE-2003-0805
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
university_of_minnesota / gopherd	2.3	2.3.x
university_of_minnesota / gopherd	2.0.4	2.0.4.x
university_of_minnesota / gopherd	3.0.5	3.0.5.x
university_of_minnesota / gopherd	2.0.3	2.0.3.x
university_of_minnesota / gopherd	3.0.3	3.0.3.x
university_of_minnesota / gopherd	3.0.1	3.0.1.x
university_of_minnesota / gopherd	3.0.0	3.0.0.x
university_of_minnesota / gopherd	2.3.1	2.3.1.x
university_of_minnesota / gopherd	3.0.4	3.0.4.x
university_of_minnesota / gopherd	3.0.2	3.0.2.x

http://marc.info/?l=bugtraq&m=105804485302211&w=2
http://marc.info/?l=bugtraq&m=106123498310717&w=2
http://www.debian.org/security/2003/dsa-387

Vulnerability Database

290,278

CVE-2003-0805