CVE-2003-0854

Published: Nov 17, 2003Modified: Apr 16, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd.

Affected (26)

Products: Gnu: Fileutils · Washington University: Wu Ftpd

1 product

Washington University

1 product

Configuration A

26 vulnerable

Vulnerable Software	Affected Versions
Gnu Fileutils	Version 4.0.36
Gnu Fileutils	Version 4.0
Gnu Fileutils	Version 4.1.6
Gnu Fileutils	Version 4.1.7
Gnu Fileutils	Version 4.1
Washington University Wu Ftpd	Version 2.4.1
Washington University Wu Ftpd	Version 2.4.2_beta18
Washington University Wu Ftpd	Version 2.4.2_beta18_vr10
Washington University Wu Ftpd	Version 2.4.2_beta18_vr11
Washington University Wu Ftpd	Version 2.4.2_beta18_vr12
Washington University Wu Ftpd	Version 2.4.2_beta18_vr13
Washington University Wu Ftpd	Version 2.4.2_beta18_vr14
Washington University Wu Ftpd	Version 2.4.2_beta18_vr15
Washington University Wu Ftpd	Version 2.4.2_beta18_vr4
Washington University Wu Ftpd	Version 2.4.2_beta18_vr5
Washington University Wu Ftpd	Version 2.4.2_beta18_vr6
Washington University Wu Ftpd	Version 2.4.2_beta18_vr7
Washington University Wu Ftpd	Version 2.4.2_beta18_vr8
Washington University Wu Ftpd	Version 2.4.2_beta18_vr9
Washington University Wu Ftpd	Version 2.4.2_beta2
Washington University Wu Ftpd	Version 2.4.2_vr16
Washington University Wu Ftpd	Version 2.4.2_vr17
Washington University Wu Ftpd	Version 2.5.0
Washington University Wu Ftpd	Version 2.6.0
Washington University Wu Ftpd	Version 2.6.1
Washington University Wu Ftpd	Version 2.6.2

References (28)

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000768

Source: cve@mitre.org

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000771

Source: cve@mitre.org

http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html

Source: cve@mitre.org

http://secunia.com/advisories/10126

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/17069

Source: cve@mitre.org

Vendor Advisory

http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf

Source: cve@mitre.org

http://www.debian.org/security/2005/dsa-705

Source: cve@mitre.org

http://www.guninski.com/binls.html

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2003:106

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2003-309.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2003-310.html

Source: cve@mitre.org

http://www.securityfocus.com/advisories/6014

Source: cve@mitre.org

http://www.turbolinux.com/security/TLSA-2003-60.txt

Source: cve@mitre.org

https://www.exploit-db.com/exploits/115

Source: cve@mitre.org

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000768

Source: af854a3a-2127-422b-91ae-364da2661108

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000771

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/10126

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/17069

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2005/dsa-705

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.guninski.com/binls.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDKSA-2003:106

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2003-309.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2003-310.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/advisories/6014

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.turbolinux.com/security/TLSA-2003-60.txt

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.exploit-db.com/exploits/115

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.