CVE-2003-0947

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2003-0947
Buffer overflow in iwconfig, when installed setuid, allows local users to execute arbitrary code via a long OUT environment variable.

7.2 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://marc.info/?l=bugtraq&m=106867458902521&w=2 Exploit Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=106867458902521&w=2 Exploit Mailing List Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:wireless_tools_project:wireless_tools:19:*:*:*:*:*:*:*
cpe:2.3:a:wireless_tools_project:wireless_tools:20:*:*:*:*:*:*:*
cpe:2.3:a:wireless_tools_project:wireless_tools:21:*:*:*:*:*:*:*
cpe:2.3:a:wireless_tools_project:wireless_tools:22:*:*:*:*:*:*:*
cpe:2.3:a:wireless_tools_project:wireless_tools:23:*:*:*:*:*:*:*
cpe:2.3:a:wireless_tools_project:wireless_tools:24:*:*:*:*:*:*:*
cpe:2.3:a:wireless_tools_project:wireless_tools:25:*:*:*:*:*:*:*
cpe:2.3:a:wireless_tools_project:wireless_tools:26:*:*:*:*:*:*:*
History

20 Nov 2024, 23:45

Type Values Removed Values Added
References () http://marc.info/?l=bugtraq&m=106867458902521&w=2 - Exploit, Mailing List, Third Party Advisory () http://marc.info/?l=bugtraq&m=106867458902521&w=2 - Exploit, Mailing List, Third Party Advisory

21 Jun 2022, 15:49

Type Values Removed Values Added
References (BUGTRAQ) http://marc.info/?l=bugtraq&m=106867458902521&w=2 - (BUGTRAQ) http://marc.info/?l=bugtraq&m=106867458902521&w=2 - Exploit, Mailing List, Third Party Advisory
CPE cpe:2.3:a:wireless_tools:wireless_tools:22:*:*:*:*:*:*:*
cpe:2.3:a:wireless_tools:wireless_tools:25:*:*:*:*:*:*:*
cpe:2.3:a:wireless_tools:wireless_tools:24:*:*:*:*:*:*:*
cpe:2.3:a:wireless_tools:wireless_tools:20:*:*:*:*:*:*:*
cpe:2.3:a:wireless_tools:wireless_tools:23:*:*:*:*:*:*:*
cpe:2.3:a:wireless_tools:wireless_tools:21:*:*:*:*:*:*:*
cpe:2.3:a:wireless_tools:wireless_tools:19:*:*:*:*:*:*:*
cpe:2.3:a:wireless_tools:wireless_tools:26:*:*:*:*:*:*:*		 cpe:2.3:a:wireless_tools_project:wireless_tools:20:*:*:*:*:*:*:*
cpe:2.3:a:wireless_tools_project:wireless_tools:25:*:*:*:*:*:*:*
cpe:2.3:a:wireless_tools_project:wireless_tools:22:*:*:*:*:*:*:*
cpe:2.3:a:wireless_tools_project:wireless_tools:26:*:*:*:*:*:*:*
cpe:2.3:a:wireless_tools_project:wireless_tools:24:*:*:*:*:*:*:*
cpe:2.3:a:wireless_tools_project:wireless_tools:21:*:*:*:*:*:*:*
cpe:2.3:a:wireless_tools_project:wireless_tools:23:*:*:*:*:*:*:*
cpe:2.3:a:wireless_tools_project:wireless_tools:19:*:*:*:*:*:*:*
CWE NVD-CWE-Other CWE-120
Information

Published : 2003-12-15 05:00

Updated : 2024-11-20 23:45

NVD link : CVE-2003-0947

Mitre link : CVE-2003-0947

CVE.ORG link : CVE-2003-0947

JSON object : View

Products Affected

wireless_tools_project

  • wireless_tools
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')