Integer Overflow Vulnerability in ls Command Affecting Fileutils and Coreutils
CVE-2003-0853

Currently unrated

Key Information:

Vendor: Gnu
Status: Fileutils; Wu-ftpd
Vendor: CVE Published:; 17 November 2003

What is CVE-2003-0853?

The ls command in the fileutils and coreutils packages contains an integer overflow vulnerability that could be exploited by local users. An attacker can manipulate the -w value, potentially causing a denial of service or executing arbitrary code. This flaw may be remotely exploitable through applications that utilize ls, such as wu-ftpd, leading to serious security concerns.

References

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio...

vendor-advisoryx_refsource_CONECTIVA

http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf

x_refsource_CONFIRM

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio...

vendor-advisoryx_refsource_CONECTIVA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 17, 2003
Vulnerability Reserved
Oct 10, 2003

Gnu

What is CVE-2003-0853?

References

Timeline