cbcvebase.
CVE-2003-0947
published 2003-12-15

CVE-2003-0947: Buffer overflow in iwconfig, when installed setuid, allows local users to execute arbitrary code via a long OUT environment variable.

PriorityP423high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
1.30%
66.8th percentile
Buffer overflow in iwconfig, when installed setuid, allows local users to execute arbitrary code via a long OUT environment variable.

Affected

9 ranges
VendorProductVersion rangeFixed in
debianwireless-tools
wireless_tools_projectwireless_tools
wireless_tools_projectwireless_tools
wireless_tools_projectwireless_tools
wireless_tools_projectwireless_tools
wireless_tools_projectwireless_tools
wireless_tools_projectwireless_tools
wireless_tools_projectwireless_tools
wireless_tools_projectwireless_tools

CVSS provenance

nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
vendor_debian7.2LOW
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.