CVE-2003-0948
published 2003-12-15CVE-2003-0948: Buffer overflow in iwconfig allows local users to execute arbitrary code via a long HOME environment variable.
PriorityP422high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
1.08%
60.8th percentile
Buffer overflow in iwconfig allows local users to execute arbitrary code via a long HOME environment variable.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | wireless-tools | — | — |
| wireless_tools | wireless_tools | — | — |
| wireless_tools | wireless_tools | — | — |
| wireless_tools | wireless_tools | — | — |
| wireless_tools | wireless_tools | — | — |
| wireless_tools | wireless_tools | — | — |
| wireless_tools | wireless_tools | — | — |
| wireless_tools | wireless_tools | — | — |
| wireless_tools | wireless_tools | — | — |
CVSS provenance
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
vendor_debian7.2LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2003-0948: wireless-tools - Buffer overflow in iwconfig allows local users to execute arbitrary code via a l...
vendor_debian·2003·CVSS 7.2
CVE-2003-0948 [HIGH] CVE-2003-0948: wireless-tools - Buffer overflow in iwconfig allows local users to execute arbitrary code via a l...
Buffer overflow in iwconfig allows local users to execute arbitrary code via a long HOME environment variable.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
GHSA
GHSA-8fp8-7vrm-6f5m: Buffer overflow in iwconfig allows local users to execute arbitrary code via a long HOME environment variable
ghsa_unreviewed·2022-04-29
CVE-2003-0948 [HIGH] GHSA-8fp8-7vrm-6f5m: Buffer overflow in iwconfig allows local users to execute arbitrary code via a long HOME environment variable
Buffer overflow in iwconfig allows local users to execute arbitrary code via a long HOME environment variable.
No detection rules found.
No writeups or analysis indexed.
2003-12-15
Published