Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2003-0947

Published: 15/12/2003 Updated: 21/06/2022
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 740
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Wireless Tools Project

Vulnerability Summary

Buffer overflow in iwconfig, when installed setuid, allows local users to execute arbitrary code via a long OUT environment variable.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

wireless tools project wireless tools 19

wireless tools project wireless tools 20

wireless tools project wireless tools 21

wireless tools project wireless tools 22

wireless tools project wireless tools 23

wireless tools project wireless tools 24

wireless tools project wireless tools 25

wireless tools project wireless tools 26

Exploits

Exploit DB: Wireless Tools 26 (IWConfig) - Local Privilege Escalation
// (if the iwconfig executable is setuid) /str0ke #include <stdioh> #include <stringh> #include <unistdh> #include <stdlibh> /* 45 Byte /bin/sh >> wwwmilw0rmcom/idphp?id=1169 (wwwexploit-dbcom/exploits/1169/) */ char shellcode[]= "\x31\xc0\x31\xdb\x50\x68\x2f\x2f" ...
Exploit DB: Wireless Tools 26 (IWConfig) - ARGV Local Command Line Buffer Overflow (2)
source: wwwsecurityfocuscom/bid/8901/info A problem has been identified in the iwconfig program when handling strings on the commandline Because of this, a local attacker may be able to gain elevated privileges /* Name: iw-configc Copyright: !sh2k+!tc2k Author: heka Date: 11/11/2003 Greets: bx, pintos, eksol, hex, keyhook, ...
Exploit DB: Wireless Tools 26 (IWConfig) - ARGV Local Command Line Buffer Overflow (1)
source: wwwsecurityfocuscom/bid/8901/info A problem has been identified in the iwconfig program when handling strings on the commandline Because of this, a local attacker may be able to gain elevated privileges Exploit: /* PST_iwconfig /sbin/iwconfig proof of concept exploit coded by aXis@ph4nt0mnet Ph4nt0m Security Team ...
Exploit DB: Wireless Tools 26 (IWConfig) - ARGV Local Command Line Buffer Overflow (3)
source: wwwsecurityfocuscom/bid/8901/info A problem has been identified in the iwconfig program when handling strings on the commandline Because of this, a local attacker may be able to gain elevated privileges /* * (C) 2003 NrAziz * polygrithm_at_hotmail[DOT]com */ /* * Greetz to Mixter,gorny,rave */ /* * Description: * ...

References

CWE-120http://marc.info/?l=bugtraq&m=106867458902521&w=2https://nvd.nist.govhttps://www.exploit-db.com/exploits/1215/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook