Vulnerability Description
SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, does not follow "-" entries in the /etc/group file, which may cause subsequent group membership entries to be processed inadvertently.
CVSS Score
4.6
MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sgi | Irix | 6.5.1 |
References
- ftp://patches.sgi.com/support/free/security/advisories/20030701-01-PPatchVendor Advisory
- ftp://patches.sgi.com/support/free/security/advisories/20030701-01-PPatchVendor Advisory
FAQ
What is CVE-2003-0177?
CVE-2003-0177 is a vulnerability with a CVSS score of 4.6 (MEDIUM). SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, does not follow "-" entries in the /etc/group file, which may cause subsequent group membership entries to be processed inadvertently.
How severe is CVE-2003-0177?
CVE-2003-0177 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0177?
Check the references section above for vendor advisories and patch information. Affected products include: Sgi Irix.