CVE-2004-1772

7 documents7 sources
Severity
4.6MEDIUM
EPSS
0.1%
top 68.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
GNU Sharutils
Timeline
PublishedDec 31
Latest updateApr 29

Description

Stack-based buffer overflow in shar in GNU sharutils 4.2.1 allows local users to execute arbitrary code via a long -o command line argument.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

Debiansharutils< 1:4.2.1-11+3
NVDgnu/sharutils4.2, 4.2.1+1

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.comPatch: bugzilla.fedora.us

🔴Vulnerability Details

3
GHSA
GHSA-c6qx-vg4x-8xrp: Stack-based buffer overflow in shar in GNU sharutils 42022-04-29
CVEList
CVE-2004-1772: Stack-based buffer overflow in shar in GNU sharutils 42005-03-28
OSV
CVE-2004-1772: Stack-based buffer overflow in shar in GNU sharutils 42004-12-31

📋Vendor Advisories

2
Red Hat
security flaw2004-04-06
Debian
CVE-2004-1772: sharutils - Stack-based buffer overflow in shar in GNU sharutils 4.2.1 allows local users to...2004

💬Community

1
Bugzilla
CVE-2004-1772 security flaw2018-08-16