CVE-2003-0358 — MEDIUM (4.6)

Q: What is CVE-2003-0358?

CVE-2003-0358 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.

Q: How severe is CVE-2003-0358?

CVE-2003-0358 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2003-0358?

Check the references section above for vendor advisories and patch information. Affected products include: Falconseye Project Falconseye, Nethack Nethack, Debian Debian Linux.

Vulnerability Description

Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.

CVSS Score

4.6

MEDIUM

AV:L/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Falconseye Project	Falconseye	<= 1.9.3
Nethack	Nethack	<= 3.4.0
Debian	Debian Linux	2.2

Related Weaknesses (CWE)

CWE-120

References

http://nethack.sourceforge.net/v340/bugmore/secpatch.txtPatchThird Party Advisory
http://www.debian.org/security/2003/dsa-316Third Party Advisory
http://www.debian.org/security/2003/dsa-350Third Party Advisory
http://www.securityfocus.com/archive/1/311172/2003-02-08/2003-02-14/0ExploitThird Party AdvisoryVDB Entry
http://www.securityfocus.com/bid/6806Third Party AdvisoryVDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/11283Third Party AdvisoryVDB Entry
http://nethack.sourceforge.net/v340/bugmore/secpatch.txtPatchThird Party Advisory
http://www.debian.org/security/2003/dsa-316Third Party Advisory
http://www.debian.org/security/2003/dsa-350Third Party Advisory
http://www.securityfocus.com/archive/1/311172/2003-02-08/2003-02-14/0ExploitThird Party AdvisoryVDB Entry
http://www.securityfocus.com/bid/6806Third Party AdvisoryVDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/11283Third Party AdvisoryVDB Entry

FAQ

What is CVE-2003-0358?

CVE-2003-0358 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.

How severe is CVE-2003-0358?

CVE-2003-0358 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2003-0358?

Check the references section above for vendor advisories and patch information. Affected products include: Falconseye Project Falconseye, Nethack Nethack, Debian Debian Linux.