Vulnerabilities > CVE-2003-0390 - Local Security vulnerability in opt

047910
CVSS 4.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
low complexity
james-theiler
exploit available

Summary

Multiple buffer overflows in Options Parsing Tool (OPT) shared library 3.18 and earlier, when used in setuid programs, may allow local users to execute arbitrary code via long command line options that are fed into macros such as opt_warn_2, as used in functions such as opt_atoi.

Vulnerable Configurations

Part Description Count
Application
James_Theiler
1

Exploit-Db

  • descriptionLibopt.a 3.1x Error Logging Buffer Overflow Vulnerability (1). CVE-2003-0390. Dos exploit for linux platform
    idEDB-ID:22537
    last seen2016-02-02
    modified2003-04-24
    published2003-04-24
    reporterkf
    sourcehttps://www.exploit-db.com/download/22537/
    titleLibopt.a 3.1x Error Logging Buffer Overflow Vulnerability 1
  • descriptionLibopt.a 3.1x Error Logging Buffer Overflow Vulnerability (2). CVE-2003-0390. Local exploit for linux platform
    idEDB-ID:22538
    last seen2016-02-02
    modified2003-04-24
    published2003-04-24
    reporterjlanthea
    sourcehttps://www.exploit-db.com/download/22538/
    titleLibopt.a 3.1x Error Logging Buffer Overflow Vulnerability 2