Search for vulnerabilities
Vulnerability details: VCID-qya8-2453-aaag
Vulnerability ID VCID-qya8-2453-aaag
Aliases CVE-2003-0689
Summary The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.00891 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
epss 0.01582 https://api.first.org/data/v1/epss?cve=CVE-2003-0689
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=1617066
cvssv2 7.5 https://nvd.nist.gov/vuln/detail/CVE-2003-0689
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0689.json
https://api.first.org/data/v1/epss?cve=CVE-2003-0689
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0689
http://www.redhat.com/support/errata/RHSA-2003-249.html
http://www.redhat.com/support/errata/RHSA-2003-325.html
1617066 https://bugzilla.redhat.com/show_bug.cgi?id=1617066
cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*
CVE-2003-0689 https://nvd.nist.gov/vuln/detail/CVE-2003-0689
RHSA-2003:249 https://access.redhat.com/errata/RHSA-2003:249
RHSA-2003:325 https://access.redhat.com/errata/RHSA-2003:325
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2003-0689
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.69784
EPSS Score 0.00309
Published At Jan. 16, 2025, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.