CVE-2005-0073Improper Restriction of Operations within the Bounds of a Memory Buffer in Sympa

4 documents4 sources
Severity
4.6MEDIUMNVD
EPSS
0.1%
top 73.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SympaDebian Sympa
Timeline
PublishedMay 2
Latest updateMay 1

Description

Buffer overflow in queue.c in a support script for sympa 3.3.3, when running setuid, allows local users to execute arbitrary code.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages3 packages

debiandebian/sympa< sympa 4.1.2-2.1 (bookworm)
Debiansympa/sympa< 4.1.2-2.1+3
NVDdebian/sympa3.3.3

Patches

Patch: www.debian.orgPatch: www.debian.org

🔴Vulnerability Details

2
GHSA
GHSA-fhqj-wxhm-vfh3: Buffer overflow in queue2022-05-01
OSV
CVE-2005-0073: Buffer overflow in queue2005-05-02

📋Vendor Advisories

1
Debian
CVE-2005-0073: sympa - Buffer overflow in queue.c in a support script for sympa 3.3.3, when running set...2005
CVE-2005-0073 — Debian Sympa vulnerability | cvebase