CVE-2003-0021

7 documents6 sources
Severity
5.0MEDIUM
EPSS
0.6%
top 30.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Michael Jennings Eterm
Timeline
PublishedMar 3
Latest updateApr 29

Description

The "screen dump" feature in Eterm 0.9.1 and earlier allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

Debianeterm< 0.9.2-1+2
NVDmichael_jennings/eterm0.8.10, 0.9.1+1

🔴Vulnerability Details

3
GHSA
GHSA-v6jh-gv6q-3h4r: The "screen dump" feature in Eterm 02022-04-29
CVEList
CVE-2003-0021: The "screen dump" feature in Eterm 02004-09-01
OSV
CVE-2003-0021: The "screen dump" feature in Eterm 02003-03-03

💥Exploits & PoCs

2
Exploit-DB
Microsoft Windows XP/2003 - IGMP v3 Denial of Service (MS06-007) (2)2006-03-22
Exploit-DB
Microsoft Windows XP/2003 - IGMP v3 Denial of Service (MS06-007) (1)2006-03-21

📋Vendor Advisories

1
Debian
CVE-2003-0021: eterm - The "screen dump" feature in Eterm 0.9.1 and earlier allows attackers to overwri...2003
CVE-2003-0021 (MEDIUM CVSS 5) | The "screen dump" feature in Eterm | cvebase.io