Weekly Vulnerabilities Reports > June 2 to 8, 2003

Overview

3 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 1 high severity vulnerabilities. This weekly summary report vulnerabilities in 3 products from 2 vendors including SUN, and Crob. Vulnerabilities are notably categorized as .

2 reported vulnerabilities are remotely exploitables.
3 reported vulnerabilities are exploitable by an anonymous user.
SUN has the most reported vulnerabilities, with 2 reported vulnerabilities.

TOTAL
VULNERABILITIES

CRITICAL RISK
VULNERABILITIES

HIGH RISK
VULNERABILITIES

MEDIUM RISK
VULNERABILITIES

LOW RISK
VULNERABILITIES

REMOTELY
EXPLOITABLE

LOCALLY
EXPLOITABLE

EXPLOIT
AVAILABLE

EXPLOITABLE
ANONYMOUSLY

AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

0 Critical Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS

Expand/Hide

1 High Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS
2003-06-06	CVE-2003-1068	SUN	Buffer Overflow vulnerability in SUN Solaris and Sunos Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4659277, a different vulnerability than CVE-2003-1082.	7.2

Expand/Hide

2 Medium Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS
2003-06-03	CVE-2003-1206	Crob	Denial-Of-Service vulnerability in Crob FTP Server 2.60.1 Format string vulnerability in Crob FTP Server 2.60.1 allows remote attackers to cause a denial of service (crash) via "%s" or "%n" sequences in (1) the username during login, or other FTP commands such as (2) dir.	5.0
2003-06-03	CVE-2003-1069	SUN	Remote Denial Of Service vulnerability in Sun Solaris Telnet Daemon The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (CPU consumption by infinite loop).	5.0

Expand/Hide

0 Low Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS