Vulnerability Description
Stack-based buffer overflow in kkstrtext.h in ktools library 0.3 and earlier, as used in products such as (1) centericq, (2) orpheus, (3) motor, and (4) groan, allows local users or remote attackers to execute arbitrary code via a long parameter to the VGETSTRING macro.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ktools | Ktools | <= 0.3 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/17768 (Vendor Advisory)
- http://secunia.com/advisories/18081 (Patch, Vendor Advisory)
- http://secunia.com/advisories/20329 (Vendor Advisory)
- http://secunia.com/advisories/20368 (Patch, Vendor Advisory)
- http://secunia.com/advisories/20446 (Patch, Vendor Advisory)
- http://secunia.com/advisories/21684 (Vendor Advisory)
- http://security.gentoo.org/glsa/glsa-200512-11.xml
- http://security.gentoo.org/glsa/glsa-200608-27.xml
- http://www.debian.org/security/2006/dsa-1083 (Patch, Vendor Advisory)
- http://www.debian.org/security/2006/dsa-1088 (Patch, Vendor Advisory)
- http://www.osvdb.org/21161
- http://www.securityfocus.com/archive/1/417906/100/0/threaded
- http://www.securityfocus.com/bid/15600
- http://www.vupen.com/english/advisories/2005/2605 (Vendor Advisory)
- http://www.vupen.com/english/advisories/2006/2062 (Vendor Advisory)
FAQ
What is CVE-2005-3863?
CVE-2005-3863 is a vulnerability with a CVSS score of 7.5 (HIGH). Stack-based buffer overflow in kkstrtext.h in ktools library 0.3 and earlier, as used in products such as (1) centericq, (2) orpheus, (3) motor, and (4) groan, allows local users or remote attackers t...
How severe is CVE-2005-3863?
CVE-2005-3863 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2005-3863?
Check the references section above for vendor advisories and patch information. Affected products include: Ktools Ktools.