Local User Memory Consumption Vulnerability in ls for Fileutils and Coreutils by GNU
CVE-2003-0854

Currently unrated

Key Information:

Vendor: Gnu
Status: Fileutils; Wu-ftpd
Vendor: CVE Published:; 17 November 2003

What is CVE-2003-0854?

The ls command within the Fileutils and Coreutils packages by GNU is susceptible to a vulnerability that allows local users to exploit memory consumption issues by passing an excessively large value to the -w option. This could potentially allow attackers to impact system resources through applications that utilize the ls command, including various FTP services like wu-ftpd. Proper mitigation strategies should be implemented to safeguard against this type of local exploitation.

References

http://www.debian.org/security/2005/dsa-705

vendor-advisoryx_refsource_DEBIAN

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio...

vendor-advisoryx_refsource_CONECTIVA

http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 17, 2003
Vulnerability Reserved
Oct 10, 2003

Gnu

What is CVE-2003-0854?

References

Timeline