CyberSec.Space Logo
Back to CVE Browser

CVE-2003-0805

HIGH
7.5
CVSS Severity Score
EPSS Score0.1370%
EPSS Percentile1.05th
PublishedOct 6, 2003
Last ModifiedApr 16, 2026

Vulnerability Description

Multiple buffer overflows in UMN gopher daemon (gopherd) 2.x and 3.x before 3.0.6 allows attackers to execute arbitrary code via (1) a long filename as a result of a LIST command, and (2) the GSisText function, which calculates the view-type.

Affected Platforms (CPE)

πŸ“¦
University Of Minnesota

Gopherd

= 2.0.3
πŸ“¦
University Of Minnesota

Gopherd

= 2.0.4
πŸ“¦
University Of Minnesota

Gopherd

= 2.3
πŸ“¦
University Of Minnesota

Gopherd

= 2.3.1
πŸ“¦
University Of Minnesota

Gopherd

= 3.0.0
πŸ“¦
University Of Minnesota

Gopherd

= 3.0.1
πŸ“¦
University Of Minnesota

Gopherd

= 3.0.2
πŸ“¦
University Of Minnesota

Gopherd

= 3.0.3
πŸ“¦
University Of Minnesota

Gopherd

= 3.0.4
πŸ“¦
University Of Minnesota

Gopherd

= 3.0.5

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=105804485302211&w=2
πŸ”— http://marc.info/?l=bugtraq&m=106123498310717&w=2
πŸ”— http://www.debian.org/security/2003/dsa-387
πŸ”— http://marc.info/?l=bugtraq&m=105804485302211&w=2
πŸ”— http://marc.info/?l=bugtraq&m=106123498310717&w=2
πŸ”— http://www.debian.org/security/2003/dsa-387

Related Vulnerabilities

CVE-2000-074310.0

Buffer overflow in University of Minnesota (UMN) gopherd 2.x allows remote attackers to execute arbitrary commands via a DES key g...

CVE-2004-05617.5

Format string vulnerability in the log routine for gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of serv...

CVE-2004-05607.5

Integer overflow in gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of service and possibly execute arbitr...

CVE-2003-071510.0

Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers...