CVE-2003-0853

An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd.

Published: Nov 17, 2003
Updated: Apr 13, 2023
CVE: CVE-2003-0853
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
gnu / fileutils	4.0	4.0.x
washington_university / wu-ftpd	2.4.2_beta18	2.4.2_beta18.x
washington_university / wu-ftpd	2.4.2_beta18_vr14	2.4.2_beta18_vr14.x
washington_university / wu-ftpd	2.5.0	2.5.0.x
washington_university / wu-ftpd	2.4.2_vr17	2.4.2_vr17.x
washington_university / wu-ftpd	2.4.2_beta18_vr9	2.4.2_beta18_vr9.x
gnu / fileutils	4.0.36	4.0.36.x
washington_university / wu-ftpd	2.4.1	2.4.1.x
gnu / fileutils	4.1	4.1.x
washington_university / wu-ftpd	2.4.2_beta18_vr10	2.4.2_beta18_vr10.x
washington_university / wu-ftpd	2.4.2_beta18_vr12	2.4.2_beta18_vr12.x
washington_university / wu-ftpd	2.4.2_beta18_vr7	2.4.2_beta18_vr7.x
washington_university / wu-ftpd	2.6.2	2.6.2.x
gnu / fileutils	4.1.6	4.1.6.x
gnu / fileutils	4.1.7	4.1.7.x
washington_university / wu-ftpd	2.4.2_vr16	2.4.2_vr16.x
washington_university / wu-ftpd	2.6.0	2.6.0.x
washington_university / wu-ftpd	2.4.2_beta18_vr15	2.4.2_beta18_vr15.x
washington_university / wu-ftpd	2.4.2_beta18_vr4	2.4.2_beta18_vr4.x
washington_university / wu-ftpd	2.4.2_beta18_vr5	2.4.2_beta18_vr5.x
washington_university / wu-ftpd	2.4.2_beta18_vr6	2.4.2_beta18_vr6.x
washington_university / wu-ftpd	2.4.2_beta18_vr11	2.4.2_beta18_vr11.x
washington_university / wu-ftpd	2.4.2_beta18_vr13	2.4.2_beta18_vr13.x
washington_university / wu-ftpd	2.4.2_beta18_vr8	2.4.2_beta18_vr8.x
washington_university / wu-ftpd	2.4.2_beta2	2.4.2_beta2.x
washington_university / wu-ftpd	2.6.1	2.6.1.x

Vulnerability Database

289,599

CVE-2003-0853