Vulnerabilities > CVE-2003-0689 - Unspecified vulnerability in Redhat Enterprise Linux 2.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 6 |
Nessus
NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2003-107.NASL description A bug was discovered in the getgrouplist function in glibc that can cause a buffer overflow if the size of the group list is too small to hold all the user last seen 2020-06-01 modified 2020-06-02 plugin id 14089 published 2004-07-31 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/14089 title Mandrake Linux Security Advisory : glibc (MDKSA-2003:107) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2003-249.NASL description Updated glibc packages that fix a number of bugs as well as a buffer overflow issue are now available. The GNU libc package (known as glibc) contains the standard C libraries used by applications. A bug in the getgrouplist function can cause a buffer overflow if the size of the group list is too small to hold all the user last seen 2020-06-01 modified 2020-06-02 plugin id 12414 published 2004-07-06 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/12414 title RHEL 2.1 : glibc (RHSA-2003:249)
Redhat
| advisories |
|