CVE-2003-0826
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2003-0826
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2003-0826.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2003-0826
- Downstream
- Published
- 2003-10-06T04:00:00Z
- Modified
- 2025-04-03T01:03:51Z
- Summary
- [none]
- Details
-
lsh daemon (lshd) does not properly return from certain functions in (1) readline.c, (2) channelcommands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attackers to execute arbitrary code via a heap-based buffer overflow attack.
- References
-
- http://www.debian.org/security/2005/dsa-717
- http://bugs.debian.org/211662
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010496.html
- http://lists.lysator.liu.se/pipermail/lsh-bugs/2003q3/000120.html
- http://marc.info/?l=bugtraq&m=106398939512178&w=2
- http://marc.info/?l=bugtraq&m=106407188509874&w=2