CVE-2003-1063 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Solaris

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources

Severity

7.5HIGHNVD

EPSS

0.4%

top 37.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Solaris SUN Sunos

Timeline

PublishedAug 20

Latest updateApr 29

Description

The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote attackers to bypass the intended security policy.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDsun/solaris2.6, 7.0+1

▶NVDsun/sunos5.7

Patches

Patch: sunsolve.sun.com ↗Patch: www.ciac.org ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-j247-m687-9hwv: The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2↗2022-04-29

▶

CVEList

CVE-2003-1063: The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2↗2005-02-08

▶

📋Vendor Advisories

Cisco

Heap Overflow in Solaris cachefs Daemon↗2002-07-24

▶