Buffer Overflow Vulnerability in lsh Daemon by lshd
CVE-2003-0826

Currently unrated

Key Information:

Vendor: Gnu
Status: Lsh
Vendor: CVE Published:; 6 October 2003

Summary

The lsh daemon (lshd) is susceptible to a buffer overflow vulnerability that occurs due to improper handling of long input in specific functions such as read_line.c, channel_commands.c, and client_keyexchange.c. This flaw can be exploited by remote attackers to execute arbitrary code, potentially leading to unauthorized access and control over affected systems. Users of affected lsh versions should apply patches and updates to mitigate the risk.

References

http://lists.grok.org.uk/pipermail/full-disclosure/2003-S...

mailing-listx_refsource_FULLDISC

http://lists.lysator.liu.se/pipermail/lsh-bugs/2003q3/000...

x_refsource_CONFIRM

http://bugs.debian.org/211662

x_refsource_CONFIRM

EPSS Score

27% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 6, 2003
Vulnerability Reserved
Sep 19, 2003