Vulnerability details: VCID-qbgx-bzas-aaaj
Vulnerability ID VCID-qbgx-bzas-aaaj
Aliases CVE-2003-0962
Summary Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Weaknesses (0)
There are no known CWEs.
System Score Found at
rhas Critical https://access.redhat.com/errata/RHSA-2003:399
epss 0.26219 https://api.first.org/data/v1/epss?cve=CVE-2003-0962
epss 0.32006 https://api.first.org/data/v1/epss?cve=CVE-2003-0962
epss 0.35155 https://api.first.org/data/v1/epss?cve=CVE-2003-0962
epss 0.3998 https://api.first.org/data/v1/epss?cve=CVE-2003-0962
epss 0.40719 https://api.first.org/data/v1/epss?cve=CVE-2003-0962
epss 0.44902 https://api.first.org/data/v1/epss?cve=CVE-2003-0962
rhbs urgent https://bugzilla.redhat.com/show_bug.cgi?id=1617105
cvssv2 7.5 https://nvd.nist.gov/vuln/detail/CVE-2003-0962
Reference id Reference type URL
ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000794
http://marc.info/?l=bugtraq&m=107055681311602&w=2
http://marc.info/?l=bugtraq&m=107055684711629&w=2
http://marc.info/?l=bugtraq&m=107055702911867&w=2
http://marc.info/?l=bugtraq&m=107056923528423&w=2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0962.json
https://api.first.org/data/v1/epss?cve=CVE-2003-0962
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0962
http://secunia.com/advisories/10353
http://secunia.com/advisories/10354
http://secunia.com/advisories/10355
http://secunia.com/advisories/10356
http://secunia.com/advisories/10357
http://secunia.com/advisories/10358
http://secunia.com/advisories/10359
http://secunia.com/advisories/10360
http://secunia.com/advisories/10361
http://secunia.com/advisories/10362
http://secunia.com/advisories/10363
http://secunia.com/advisories/10364
http://secunia.com/advisories/10378
http://secunia.com/advisories/10474
https://exchange.xforce.ibmcloud.com/vulnerabilities/13899
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415
http://www.kb.cert.org/vuls/id/325603
http://www.mandriva.com/security/advisories?name=MDKSA-2003:111
http://www.osvdb.org/2898
http://www.redhat.com/support/errata/RHSA-2003-398.html
http://www.securityfocus.com/bid/9153
1617105 https://bugzilla.redhat.com/show_bug.cgi?id=1617105
cpe:2.3:a:andrew_tridgell:rsync:2.3.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andrew_tridgell:rsync:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.3.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andrew_tridgell:rsync:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andrew_tridgell:rsync:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.4.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andrew_tridgell:rsync:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.4.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andrew_tridgell:rsync:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.4.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andrew_tridgell:rsync:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.4.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andrew_tridgell:rsync:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.4.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andrew_tridgell:rsync:2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.4.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andrew_tridgell:rsync:2.4.8:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andrew_tridgell:rsync:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.5.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andrew_tridgell:rsync:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.5.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andrew_tridgell:rsync:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.5.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andrew_tridgell:rsync:2.5.3:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.5.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andrew_tridgell:rsync:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.5.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andrew_tridgell:rsync:2.5.5:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.5.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andrew_tridgell:rsync:2.5.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:rsync:2.4.6-2:*:i386:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:rsync:2.4.6-2:*:i386:*:*:*:*:*
cpe:2.3:a:redhat:rsync:2.4.6-5:*:i386:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:rsync:2.4.6-5:*:i386:*:*:*:*:*
cpe:2.3:a:redhat:rsync:2.4.6-5:*:ia64:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:rsync:2.4.6-5:*:ia64:*:*:*:*:*
cpe:2.3:a:redhat:rsync:2.5.4-2:*:i386:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:rsync:2.5.4-2:*:i386:*:*:*:*:*
cpe:2.3:a:redhat:rsync:2.5.5-1:*:i386:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:rsync:2.5.5-1:*:i386:*:*:*:*:*
cpe:2.3:a:redhat:rsync:2.5.5-4:*:i386:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:rsync:2.5.5-4:*:i386:*:*:*:*:*
cpe:2.3:o:engardelinux:secure_community:1.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:engardelinux:secure_community:1.0.1:*:*:*:*:*:*:*
cpe:2.3:o:engardelinux:secure_community:2.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:engardelinux:secure_community:2.0:*:*:*:*:*:*:*
cpe:2.3:o:engardelinux:secure_linux:1.1:*:professional:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:engardelinux:secure_linux:1.1:*:professional:*:*:*:*:*
cpe:2.3:o:engardelinux:secure_linux:1.2:*:professional:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:engardelinux:secure_linux:1.2:*:professional:*:*:*:*:*
cpe:2.3:o:engardelinux:secure_linux:1.5:*:professional:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:engardelinux:secure_linux:1.5:*:professional:*:*:*:*:*
cpe:2.3:o:slackware:slackware_linux:8.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:8.1:*:*:*:*:*:*:*
cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*
cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:*
CVE-2003-0962 https://nvd.nist.gov/vuln/detail/CVE-2003-0962
RHSA-2003:398 https://access.redhat.com/errata/RHSA-2003:398
RHSA-2003:399 https://access.redhat.com/errata/RHSA-2003:399
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2003-0962
Exploit Prediction Scoring System (EPSS)
Percentile 0.95848
EPSS Score 0.26219
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.