{"api_version":"1","generated_at":"2026-04-23T06:59:31+00:00","cve":"CVE-2003-0962","urls":{"html":"https://cve.report/CVE-2003-0962","api":"https://cve.report/api/cve/CVE-2003-0962.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2003-0962","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2003-0962"},"summary":{"title":"CVE-2003-0962","description":"Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.","state":"PUBLISHED","assigner":"mitre","published_at":"2003-12-15 05:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://marc.info/?l=bugtraq&m=107056923528423&w=2","name":"http://marc.info/?l=bugtraq&m=107056923528423&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"'GLSA: exploitable heap overflow in rsync (200312-03)' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=bugtraq&m=107055681311602&w=2","name":"http://marc.info/?l=bugtraq&m=107055681311602&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"'rsync security advisory (fwd)' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/10362","name":"http://secunia.com/advisories/10362","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - EnGarde update for rsync","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U","name":"ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://www.redhat.com/support/errata/RHSA-2003-398.html","name":"http://www.redhat.com/support/errata/RHSA-2003-398.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"redhat.com | Red Hat Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2003:111","name":"http://www.mandriva.com/security/advisories?name=MDKSA-2003:111","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Advisories - Mandriva","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/10474","name":"http://secunia.com/advisories/10474","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Mac OS X Security Update Fixes Multiple Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/10354","name":"http://secunia.com/advisories/10354","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Slackware update for rsync","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/10358","name":"http://secunia.com/advisories/10358","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Gentoo update for rsync","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/10357","name":"http://secunia.com/advisories/10357","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - SuSE update for rsync","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=bugtraq&m=107055684711629&w=2","name":"http://marc.info/?l=bugtraq&m=107055684711629&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"'TSLSA-2003-0048 - rsync' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/10378","name":"http://secunia.com/advisories/10378","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Immunix update for rsync","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/10361","name":"http://secunia.com/advisories/10361","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Conectiva update for rsync","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/10353","name":"http://secunia.com/advisories/10353","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - rsync File Handling Integer Overflow Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/13899","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/13899","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=bugtraq&m=107055702911867&w=2","name":"http://marc.info/?l=bugtraq&m=107055702911867&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"'[OpenPKG-SA-2003.051] OpenPKG Security Advisory (rsync)' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000794","name":"http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000794","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Home - Conectiva","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/10363","name":"http://secunia.com/advisories/10363","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Red Hat update for rsync","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/9153","name":"http://www.securityfocus.com/bid/9153","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"RSync Daemon Mode Undisclosed Remote Heap Overflow Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.osvdb.org/2898","name":"http://www.osvdb.org/2898","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://secunia.com/advisories/10355","name":"http://secunia.com/advisories/10355","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Trustix update for rsync","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/10356","name":"http://secunia.com/advisories/10356","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Debian update for rsync","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/10364","name":"http://secunia.com/advisories/10364","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Mandrake update for rsync","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415","name":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Repository  /  Oval Repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.kb.cert.org/vuls/id/325603","name":"http://www.kb.cert.org/vuls/id/325603","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"],"title":"CERT/CC Vulnerability Note VU#325603","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/10359","name":"http://secunia.com/advisories/10359","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - OpenPKG update for rsync","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/10360","name":"http://secunia.com/advisories/10360","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Fedora update for rsync","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2003-0962","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2003-0962","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"andrew_tridgell","cpe5":"rsync","cpe6":"2.3.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"andrew_tridgell","cpe5":"rsync","cpe6":"2.3.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"andrew_tridgell","cpe5":"rsync","cpe6":"2.4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"andrew_tridgell","cpe5":"rsync","cpe6":"2.4.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"andrew_tridgell","cpe5":"rsync","cpe6":"2.4.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"andrew_tridgell","cpe5":"rsync","cpe6":"2.4.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"andrew_tridgell","cpe5":"rsync","cpe6":"2.4.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"andrew_tridgell","cpe5":"rsync","cpe6":"2.4.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"andrew_tridgell","cpe5":"rsync","cpe6":"2.4.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"andrew_tridgell","cpe5":"rsync","cpe6":"2.5.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"andrew_tridgell","cpe5":"rsync","cpe6":"2.5.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"andrew_tridgell","cpe5":"rsync","cpe6":"2.5.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"andrew_tridgell","cpe5":"rsync","cpe6":"2.5.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"andrew_tridgell","cpe5":"rsync","cpe6":"2.5.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"andrew_tridgell","cpe5":"rsync","cpe6":"2.5.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"andrew_tridgell","cpe5":"rsync","cpe6":"2.5.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"engardelinux","cpe5":"secure_community","cpe6":"1.0.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"engardelinux","cpe5":"secure_community","cpe6":"2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"engardelinux","cpe5":"secure_linux","cpe6":"1.1","cpe7":"*","cpe8":"professional","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"engardelinux","cpe5":"secure_linux","cpe6":"1.2","cpe7":"*","cpe8":"professional","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"engardelinux","cpe5":"secure_linux","cpe6":"1.5","cpe7":"*","cpe8":"professional","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"rsync","cpe6":"2.4.6-2","cpe7":"*","cpe8":"i386","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"rsync","cpe6":"2.4.6-5","cpe7":"*","cpe8":"i386","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"rsync","cpe6":"2.4.6-5","cpe7":"*","cpe8":"ia64","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"rsync","cpe6":"2.5.4-2","cpe7":"*","cpe8":"i386","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"rsync","cpe6":"2.5.5-1","cpe7":"*","cpe8":"i386","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"rsync","cpe6":"2.5.5-4","cpe7":"*","cpe8":"i386","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"slackware","cpe5":"slackware_linux","cpe6":"8.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"slackware","cpe5":"slackware_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"slackware","cpe5":"slackware_linux","cpe6":"9.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"slackware","cpe5":"slackware_linux","cpe6":"current","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-08T02:12:35.339Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"20031204 rsync security advisory (fwd)","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=107055681311602&w=2"},{"name":"2003-0048","tags":["vendor-advisory","x_refsource_TRUSTIX","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=107055684711629&w=2"},{"name":"10362","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/10362"},{"name":"10364","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/10364"},{"name":"10354","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/10354"},{"name":"linux-rsync-heap-overflow(13899)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/13899"},{"name":"10363","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/10363"},{"name":"10353","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/10353"},{"name":"10357","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/10357"},{"name":"10355","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/10355"},{"name":"VU#325603","tags":["third-party-advisory","x_refsource_CERT-VN","x_transferred"],"url":"http://www.kb.cert.org/vuls/id/325603"},{"name":"10358","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/10358"},{"name":"20031204 GLSA: exploitable heap overflow in rsync (200312-03)","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=107056923528423&w=2"},{"name":"10360","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/10360"},{"name":"10361","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/10361"},{"name":"CLA-2003:794","tags":["vendor-advisory","x_refsource_CONECTIVA","x_transferred"],"url":"http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000794"},{"name":"20031204 [OpenPKG-SA-2003.051] OpenPKG Security Advisory (rsync)","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=107055702911867&w=2"},{"name":"10474","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/10474"},{"name":"20031202-01-U","tags":["vendor-advisory","x_refsource_SGI","x_transferred"],"url":"ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U"},{"name":"oval:org.mitre.oval:def:9415","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415"},{"name":"RHSA-2003:398","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2003-398.html"},{"name":"10356","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/10356"},{"name":"2898","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/2898"},{"name":"MDKSA-2003:111","tags":["vendor-advisory","x_refsource_MANDRAKE","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2003:111"},{"name":"9153","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/9153"},{"name":"10359","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/10359"},{"name":"10378","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/10378"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2003-12-04T00:00:00.000Z","descriptions":[{"lang":"en","value":"Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-10-10T00:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"20031204 rsync security advisory (fwd)","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://marc.info/?l=bugtraq&m=107055681311602&w=2"},{"name":"2003-0048","tags":["vendor-advisory","x_refsource_TRUSTIX"],"url":"http://marc.info/?l=bugtraq&m=107055684711629&w=2"},{"name":"10362","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/10362"},{"name":"10364","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/10364"},{"name":"10354","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/10354"},{"name":"linux-rsync-heap-overflow(13899)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/13899"},{"name":"10363","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/10363"},{"name":"10353","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/10353"},{"name":"10357","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/10357"},{"name":"10355","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/10355"},{"name":"VU#325603","tags":["third-party-advisory","x_refsource_CERT-VN"],"url":"http://www.kb.cert.org/vuls/id/325603"},{"name":"10358","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/10358"},{"name":"20031204 GLSA: exploitable heap overflow in rsync (200312-03)","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://marc.info/?l=bugtraq&m=107056923528423&w=2"},{"name":"10360","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/10360"},{"name":"10361","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/10361"},{"name":"CLA-2003:794","tags":["vendor-advisory","x_refsource_CONECTIVA"],"url":"http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000794"},{"name":"20031204 [OpenPKG-SA-2003.051] OpenPKG Security Advisory (rsync)","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://marc.info/?l=bugtraq&m=107055702911867&w=2"},{"name":"10474","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/10474"},{"name":"20031202-01-U","tags":["vendor-advisory","x_refsource_SGI"],"url":"ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U"},{"name":"oval:org.mitre.oval:def:9415","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415"},{"name":"RHSA-2003:398","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2003-398.html"},{"name":"10356","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/10356"},{"name":"2898","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/2898"},{"name":"MDKSA-2003:111","tags":["vendor-advisory","x_refsource_MANDRAKE"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2003:111"},{"name":"9153","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/9153"},{"name":"10359","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/10359"},{"name":"10378","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/10378"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2003-0962","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"20031204 rsync security advisory (fwd)","refsource":"BUGTRAQ","url":"http://marc.info/?l=bugtraq&m=107055681311602&w=2"},{"name":"2003-0048","refsource":"TRUSTIX","url":"http://marc.info/?l=bugtraq&m=107055684711629&w=2"},{"name":"10362","refsource":"SECUNIA","url":"http://secunia.com/advisories/10362"},{"name":"10364","refsource":"SECUNIA","url":"http://secunia.com/advisories/10364"},{"name":"10354","refsource":"SECUNIA","url":"http://secunia.com/advisories/10354"},{"name":"linux-rsync-heap-overflow(13899)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/13899"},{"name":"10363","refsource":"SECUNIA","url":"http://secunia.com/advisories/10363"},{"name":"10353","refsource":"SECUNIA","url":"http://secunia.com/advisories/10353"},{"name":"10357","refsource":"SECUNIA","url":"http://secunia.com/advisories/10357"},{"name":"10355","refsource":"SECUNIA","url":"http://secunia.com/advisories/10355"},{"name":"VU#325603","refsource":"CERT-VN","url":"http://www.kb.cert.org/vuls/id/325603"},{"name":"10358","refsource":"SECUNIA","url":"http://secunia.com/advisories/10358"},{"name":"20031204 GLSA: exploitable heap overflow in rsync (200312-03)","refsource":"BUGTRAQ","url":"http://marc.info/?l=bugtraq&m=107056923528423&w=2"},{"name":"10360","refsource":"SECUNIA","url":"http://secunia.com/advisories/10360"},{"name":"10361","refsource":"SECUNIA","url":"http://secunia.com/advisories/10361"},{"name":"CLA-2003:794","refsource":"CONECTIVA","url":"http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000794"},{"name":"20031204 [OpenPKG-SA-2003.051] OpenPKG Security Advisory (rsync)","refsource":"BUGTRAQ","url":"http://marc.info/?l=bugtraq&m=107055702911867&w=2"},{"name":"10474","refsource":"SECUNIA","url":"http://secunia.com/advisories/10474"},{"name":"20031202-01-U","refsource":"SGI","url":"ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U"},{"name":"oval:org.mitre.oval:def:9415","refsource":"OVAL","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415"},{"name":"RHSA-2003:398","refsource":"REDHAT","url":"http://www.redhat.com/support/errata/RHSA-2003-398.html"},{"name":"10356","refsource":"SECUNIA","url":"http://secunia.com/advisories/10356"},{"name":"2898","refsource":"OSVDB","url":"http://www.osvdb.org/2898"},{"name":"MDKSA-2003:111","refsource":"MANDRAKE","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2003:111"},{"name":"9153","refsource":"BID","url":"http://www.securityfocus.com/bid/9153"},{"name":"10359","refsource":"SECUNIA","url":"http://secunia.com/advisories/10359"},{"name":"10378","refsource":"SECUNIA","url":"http://secunia.com/advisories/10378"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2003-0962","datePublished":"2003-12-10T05:00:00.000Z","dateReserved":"2003-11-26T00:00:00.000Z","dateUpdated":"2024-08-08T02:12:35.339Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2003-12-15 05:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:andrew_tridgell:rsync:2.3.1:*:*:*:*:*:*:*","matchCriteriaId":"138253E8-6342-4A88-89E6-B579782BC273"},{"vulnerable":true,"criteria":"cpe:2.3:a:andrew_tridgell:rsync:2.3.2:*:*:*:*:*:*:*","matchCriteriaId":"06A95770-7838-4D26-98BD-F3C0A264C431"},{"vulnerable":true,"criteria":"cpe:2.3:a:andrew_tridgell:rsync:2.4.0:*:*:*:*:*:*:*","matchCriteriaId":"26EB2DBC-F71C-4D86-9436-FA06B7244F1E"},{"vulnerable":true,"criteria":"cpe:2.3:a:andrew_tridgell:rsync:2.4.1:*:*:*:*:*:*:*","matchCriteriaId":"41681E68-E4D3-4466-8BAF-12F38D670C73"},{"vulnerable":true,"criteria":"cpe:2.3:a:andrew_tridgell:rsync:2.4.3:*:*:*:*:*:*:*","matchCriteriaId":"9C472D33-56FC-4939-A800-00C319D44D45"},{"vulnerable":true,"criteria":"cpe:2.3:a:andrew_tridgell:rsync:2.4.4:*:*:*:*:*:*:*","matchCriteriaId":"D57C7AF3-A648-44E3-9ABF-D546B34BDC02"},{"vulnerable":true,"criteria":"cpe:2.3:a:andrew_tridgell:rsync:2.4.5:*:*:*:*:*:*:*","matchCriteriaId":"38450ED2-6642-4ADB-ACBC-702588904B50"},{"vulnerable":true,"criteria":"cpe:2.3:a:andrew_tridgell:rsync:2.4.6:*:*:*:*:*:*:*","matchCriteriaId":"FC163657-8FD5-4578-8452-49ABAA1121D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:andrew_tridgell:rsync:2.4.8:*:*:*:*:*:*:*","matchCriteriaId":"DAFB0E34-5886-454E-9680-640F8FE6A4B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:andrew_tridgell:rsync:2.5.0:*:*:*:*:*:*:*","matchCriteriaId":"FA756243-887B-42FD-9A68-2D54CE44AA0A"},{"vulnerable":true,"criteria":"cpe:2.3:a:andrew_tridgell:rsync:2.5.1:*:*:*:*:*:*:*","matchCriteriaId":"502E8AC0-7293-41A0-BA17-873DEE5133DB"},{"vulnerable":true,"criteria":"cpe:2.3:a:andrew_tridgell:rsync:2.5.2:*:*:*:*:*:*:*","matchCriteriaId":"55E84BFA-DAF8-4842-8542-E244FE16CBD8"},{"vulnerable":true,"criteria":"cpe:2.3:a:andrew_tridgell:rsync:2.5.3:*:*:*:*:*:*:*","matchCriteriaId":"5DC02AD4-07B4-4A35-BB74-7228A1CDABE1"},{"vulnerable":true,"criteria":"cpe:2.3:a:andrew_tridgell:rsync:2.5.4:*:*:*:*:*:*:*","matchCriteriaId":"33B1ECCC-AAF1-4A3A-BDFA-7955E1AA3683"},{"vulnerable":true,"criteria":"cpe:2.3:a:andrew_tridgell:rsync:2.5.5:*:*:*:*:*:*:*","matchCriteriaId":"FC4726E9-246B-4C6F-8253-0F09886749A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:andrew_tridgell:rsync:2.5.6:*:*:*:*:*:*:*","matchCriteriaId":"59CAA1CD-09D5-40CC-9A27-738B4028BF05"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:rsync:2.4.6-2:*:i386:*:*:*:*:*","matchCriteriaId":"C3AC2944-7891-474C-8CEE-FC79129AC6F7"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:rsync:2.4.6-5:*:i386:*:*:*:*:*","matchCriteriaId":"88D09EE3-7737-49EE-B8F6-5775228DA1C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:rsync:2.4.6-5:*:ia64:*:*:*:*:*","matchCriteriaId":"7F7E7DAE-7D7F-4D3F-A3CE-DF2E3650F145"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:rsync:2.5.4-2:*:i386:*:*:*:*:*","matchCriteriaId":"151183D0-4807-470D-808B-115AD366BEAB"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:rsync:2.5.5-1:*:i386:*:*:*:*:*","matchCriteriaId":"E7DB4650-6A89-480E-BAFA-C2E3F4521601"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:rsync:2.5.5-4:*:i386:*:*:*:*:*","matchCriteriaId":"0730AD53-5419-4144-AE01-143142AD6404"},{"vulnerable":true,"criteria":"cpe:2.3:o:engardelinux:secure_community:1.0.1:*:*:*:*:*:*:*","matchCriteriaId":"444E0C0D-5121-4B89-BEF2-7D070AD2C8C8"},{"vulnerable":true,"criteria":"cpe:2.3:o:engardelinux:secure_community:2.0:*:*:*:*:*:*:*","matchCriteriaId":"835156D0-D0D8-4A82-9342-95E7239E3477"},{"vulnerable":true,"criteria":"cpe:2.3:o:engardelinux:secure_linux:1.1:*:professional:*:*:*:*:*","matchCriteriaId":"E61A9563-ECBE-41DB-A973-E0DEE41BE28F"},{"vulnerable":true,"criteria":"cpe:2.3:o:engardelinux:secure_linux:1.2:*:professional:*:*:*:*:*","matchCriteriaId":"E164271C-4A66-4DE2-890A-6A21D45F77D9"},{"vulnerable":true,"criteria":"cpe:2.3:o:engardelinux:secure_linux:1.5:*:professional:*:*:*:*:*","matchCriteriaId":"4E62C413-935F-459C-8F11-73F5B483E759"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:slackware:slackware_linux:8.1:*:*:*:*:*:*:*","matchCriteriaId":"57F41B40-75E6-45C8-A5FB-8464C0B2D064"},{"vulnerable":true,"criteria":"cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"300A6A65-05FD-401C-80F6-B5F5B1F056E0"},{"vulnerable":true,"criteria":"cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*","matchCriteriaId":"AA3D53C9-3806-45E6-8AE9-7D41280EF64C"},{"vulnerable":true,"criteria":"cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:*","matchCriteriaId":"B1CB2DD9-E77F-46EE-A145-F87AD10EA8E4"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2003","CveId":"962","Ordinal":"1","Title":"CVE-2003-0962","CVE":"CVE-2003-0962","Year":"2003"},"notes":[{"CveYear":"2003","CveId":"962","Ordinal":"1","NoteData":"Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.","Type":"Description","Title":"CVE-2003-0962"},{"CveYear":"2003","CveId":"962","Ordinal":"2","NoteData":"2003-12-10","Type":"Other","Title":"Published"},{"CveYear":"2003","CveId":"962","Ordinal":"3","NoteData":"2017-10-09","Type":"Other","Title":"Modified"}]}}}