CVE-2003-0252
published 2003-08-18CVE-2003-0252: Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service…
PriorityP429critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
15.78%
96.5th percentile
Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | nfs-utils | < nfs-utils 1:1.0.3-2 (bookworm) | nfs-utils 1:1.0.3-2 (bookworm) |
| linux-nfs | nfs-utils | < 1.0.4 | 1.0.4 |
| linux-nfs | nfs-utils | >= 0 < 1:1.0.3-2 | 1:1.0.3-2 |
| linux-nfs | nfs-utils | >= 0 < 1:1.0.3-2 | 1:1.0.3-2 |
| linux-nfs | nfs-utils | >= 0 < 1:1.0.3-2 | 1:1.0.3-2 |
| linux-nfs | nfs-utils | >= 0 < 1:1.0.3-2 | 1:1.0.3-2 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv9.8CRITICAL
vendor_debian9.8CRITICAL
vendor_redhat9.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-69rx-rcww-qf58: Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1
ghsa_unreviewed·2022-04-29
CVE-2003-0252 [HIGH] CWE-193 GHSA-69rx-rcww-qf58: Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1
Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines.
OSV
CVE-2003-0252: Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1
osv·2003-08-18·CVSS 9.8
CVE-2003-0252 [CRITICAL] CVE-2003-0252: Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1
Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines.
Red Hat
security flaw
vendor_redhat·2003-07-14·CVSS 9.8
CVE-2003-0252 [CRITICAL] security flaw
security flaw
Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines.
Statement: This issue has been addressed in nfs-utils packages as shipped in Red Hat
Enterprise Linux 2 via https://rhn.redhat.com/errata/RHSA-2003-207.html.
Debian
CVE-2003-0252: nfs-utils - Off-by-one error in the xlog function of mountd in the Linux NFS utils package (...
vendor_debian·2003·CVSS 9.8
CVE-2003-0252 [CRITICAL] CVE-2003-0252: nfs-utils - Off-by-one error in the xlog function of mountd in the Linux NFS utils package (...
Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines.
Scope: local
bookworm: resolved (fixed in 1:1.0.3-2)
bullseye: resolved (fixed in 1:1.0.3-2)
forky: resolved (fixed in 1:1.0.3-2)
sid: resolved (fixed in 1:1.0.3-2)
trixie: resolved (fixed in 1:1.0.3-2)
Suricata
GPL RPC mountd TCP mount path overflow attempt
suricata·2010-09-23
CVE-2003-0252 GPL RPC mountd TCP mount path overflow attempt
GPL RPC mountd TCP mount path overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL RPC mountd TCP mount path overflow attempt"; flow:established,to_server; content:"|00 01 86 A5 00|"; depth:5; offset:16; content:"|00 00 00 01|"; within:4; distance:3; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; byte_test:4,>,1023,0,relative; content:"|00 00 00 00|"; depth:4; offset:8; reference:bugtraq,8179; reference:cve,2003-0252; reference:nessus,11800; classtype:misc-attack; sid:2102184; rev:9; metadata:created_at 2010_09_23, cve CVE_2003_0252, confidence Medium, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL RPC mountd UDP mount path overflow attempt
suricata·2010-09-23
CVE-2003-0252 GPL RPC mountd UDP mount path overflow attempt
GPL RPC mountd UDP mount path overflow attempt
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL RPC mountd UDP mount path overflow attempt"; content:"|00 01 86 A5 00|"; depth:5; offset:12; content:"|00 00 00 01|"; within:4; distance:3; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; byte_test:4,>,1023,0,relative; content:"|00 00 00 00|"; depth:4; offset:4; reference:bugtraq,8179; reference:cve,2003-0252; reference:nessus,11800; classtype:misc-attack; sid:2102185; rev:8; metadata:created_at 2010_09_23, cve CVE_2003_0252, confidence Medium, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
No public exploits indexed.
http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0023.htmlhttp://archives.neohapsis.com/archives/vulnwatch/2003-q3/0024.htmlhttp://isec.pl/vulnerabilities/isec-0010-linux-nfs-utils.txthttp://marc.info/?l=bugtraq&m=105820223707191&w=2http://marc.info/?l=bugtraq&m=105830921519513&w=2http://marc.info/?l=bugtraq&m=105839032403325&w=2http://secunia.com/advisories/9259http://securitytracker.com/id?1007187http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001262.1-1http://www.debian.org/security/2003/dsa-349http://www.kb.cert.org/vuls/id/258564http://www.mandriva.com/security/advisories?name=MDKSA-2003:076http://www.novell.com/linux/security/advisories/2003_031_nfs_utils.htmlhttp://www.redhat.com/support/errata/RHSA-2003-206.htmlhttp://www.redhat.com/support/errata/RHSA-2003-207.htmlhttp://www.securityfocus.com/bid/8179http://www.turbolinux.com/security/TLSA-2003-44.txthttps://exchange.xforce.ibmcloud.com/vulnerabilities/12600https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A443http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0023.htmlhttp://archives.neohapsis.com/archives/vulnwatch/2003-q3/0024.htmlhttp://isec.pl/vulnerabilities/isec-0010-linux-nfs-utils.txthttp://marc.info/?l=bugtraq&m=105820223707191&w=2http://marc.info/?l=bugtraq&m=105830921519513&w=2http://marc.info/?l=bugtraq&m=105839032403325&w=2http://secunia.com/advisories/9259http://securitytracker.com/id?1007187http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001262.1-1http://www.debian.org/security/2003/dsa-349http://www.kb.cert.org/vuls/id/258564http://www.mandriva.com/security/advisories?name=MDKSA-2003:076http://www.novell.com/linux/security/advisories/2003_031_nfs_utils.htmlhttp://www.redhat.com/support/errata/RHSA-2003-206.htmlhttp://www.redhat.com/support/errata/RHSA-2003-207.htmlhttp://www.securityfocus.com/bid/8179http://www.turbolinux.com/security/TLSA-2003-44.txthttps://exchange.xforce.ibmcloud.com/vulnerabilities/12600https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A443
2003-08-18
Published