CVE-2004-1773

7 documents7 sources

Severity

7.5HIGH

EPSS

1.8%

top 17.03%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

GNU Sharutils

Timeline

PublishedDec 31

Latest updateApr 29

Description

Multiple buffer overflows in sharutils 4.2.1 and earlier may allow attackers to execute arbitrary code via (1) long output from wc to shar, or (2) unknown vectors in unshar.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶Debiansharutils< 1:4.2.1-12+3

▶NVDgnu/sharutils4.2, 4.2.1+1

Patches

Patch: security.gentoo.org ↗Patch: www.securityfocus.com ↗Patch: bugzilla.fedora.us ↗

🔴Vulnerability Details

GHSA

GHSA-jh4p-qrrg-9f8h: Multiple buffer overflows in sharutils 4↗2022-04-29

▶

CVEList

CVE-2004-1773: Multiple buffer overflows in sharutils 4↗2005-03-28

▶

OSV

CVE-2004-1773: Multiple buffer overflows in sharutils 4↗2004-12-31

▶

📋Vendor Advisories

Red Hat

security flaw↗2004-10-01

▶

Debian

CVE-2004-1773: sharutils - Multiple buffer overflows in sharutils 4.2.1 and earlier may allow attackers to ...↗2004

▶

💬Community

Bugzilla

CVE-2004-1773 security flaw↗2018-08-16

▶