CyberSec.Space Logo
返回 CVE 浏览器

CVE-2003-0041

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1110%
EPSS Percentile4.17th
Published2003年2月19日
Last Modified2026年4月16日

Vulnerability Description

Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client.

Affected Platforms (CPE)

📦
Mit

Kerberos Ftp Client

All versions
💻
Redhat

Linux

= 6.2
💻
Redhat

Linux

= 7.0
💻
Redhat

Linux

= 7.1
💻
Redhat

Linux

= 7.2
💻
Redhat

Linux

= 7.3
💻
Redhat

Linux

= 8.0
📦
Mandrakesoft

Mandrake Multi Network Firewall

= 8.2
💻
Mandrakesoft

Mandrake Linux

= 8.1
💻
Mandrakesoft

Mandrake Linux

= 8.2
💻
Mandrakesoft

Mandrake Linux

= 9.0

References & Advisories

🔗 http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0047.html
🔗 http://secunia.com/advisories/7979
🔗 http://secunia.com/advisories/8114
🔗 http://www.mandriva.com/security/advisories?name=MDKSA-2003:021
🔗 http://www.redhat.com/support/errata/RHSA-2003-020.html
🔗 http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0047.html
🔗 http://secunia.com/advisories/7979
🔗 http://secunia.com/advisories/8114

相关漏洞威胁

CVE-2002-06007.5

Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote malicious servers to execute arbitrary code on the client via...

CVE-2003-030410.0

one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to create administrator accounts by directly calling the inst...

CVE-2003-109010.0

Buffer overflow in AbsoluteTelnet before 2.12 RC10 allows remote attackers to execute arbitrary code via a long window title.

CVE-2003-016110.0

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions ...