CyberSec.Space Logo
Back to CVE Browser

CVE-2003-0041

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1110%
EPSS Percentile4.17th
PublishedFeb 19, 2003
Last ModifiedApr 16, 2026

Vulnerability Description

Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client.

Affected Platforms (CPE)

πŸ“¦
Mit

Kerberos Ftp Client

All versions
πŸ’»
Redhat

Linux

= 6.2
πŸ’»
Redhat

Linux

= 7.0
πŸ’»
Redhat

Linux

= 7.1
πŸ’»
Redhat

Linux

= 7.2
πŸ’»
Redhat

Linux

= 7.3
πŸ’»
Redhat

Linux

= 8.0
πŸ“¦
Mandrakesoft

Mandrake Multi Network Firewall

= 8.2
πŸ’»
Mandrakesoft

Mandrake Linux

= 8.1
πŸ’»
Mandrakesoft

Mandrake Linux

= 8.2
πŸ’»
Mandrakesoft

Mandrake Linux

= 9.0

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0047.html
πŸ”— http://secunia.com/advisories/7979
πŸ”— http://secunia.com/advisories/8114
πŸ”— http://www.mandriva.com/security/advisories?name=MDKSA-2003:021
πŸ”— http://www.redhat.com/support/errata/RHSA-2003-020.html
πŸ”— http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0047.html
πŸ”— http://secunia.com/advisories/7979
πŸ”— http://secunia.com/advisories/8114

Related Vulnerabilities

CVE-2002-06007.5

Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote malicious servers to execute arbitrary code on the client via...

CVE-2003-071510.0

Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers...

CVE-2003-109010.0

Buffer overflow in AbsoluteTelnet before 2.12 RC10 allows remote attackers to execute arbitrary code via a long window title.

CVE-2003-016110.0

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions ...