CVE-2001-0191

Опубликовано: 03 мая 2001

Источник: nvd

CVSS2: 10

EPSS Низкий

Описание

gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a short cookie length.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2001-02/0030.html
Broken Link
Patch
Vendor Advisory
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-019.php3
Broken Link
Patch
http://www.redhat.com/support/errata/RHSA-2001-010.html
Broken Link
Patch
http://www.redhat.com/support/errata/RHSA-2001-011.html
Broken Link
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/6056
Third Party Advisory
VDB Entry
http://archives.neohapsis.com/archives/bugtraq/2001-02/0030.html
Broken Link
Patch
Vendor Advisory
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-019.php3
Broken Link
Patch
http://www.redhat.com/support/errata/RHSA-2001-010.html
Broken Link
Patch
http://www.redhat.com/support/errata/RHSA-2001-011.html
Broken Link
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/6056
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:andynorman:gnuserv:*:*:*:*:*:*:*:*

Версия до 3.12 (исключая)

cpe:2.3:a:gnu:xemacs:-:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.01188

Низкий

10 Critical

CVSS2

Дефекты

CWE-120

Связанные уязвимости

CVE-2001-0191

redhat

больше 24 лет назад

GHSA-5w94-q2g4-prcg

github

больше 3 лет назад