CVE-2003-0396

les <2.4.1 - Buffer Overflow

Title source: llm

Description

Buffer overflow in les for ATM on Linux (linux-atm) before 2.4.1, if used setuid, allows local users to gain privileges via a long -f command line argument.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Angelo Rosiello · clocallinux

https://www.exploit-db.com/exploits/22540

View Code ZIP pw:eip

References (6)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/7437

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/11903

[Patch] http://sourceforge.net/project/shownotes.php?release_id=156242

[Mailing List] http://marc.info/?l=bugtraq&m=105154433926396&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=105405560021979&w=2

[Exploit] http://www.securiteam.com/exploits/5EP0M1P9PO.html

Scores

EPSS 0.0020

EPSS Percentile 41.9%

Details

Status published

Products (1)

linux-atm/linux-atm 2.4

Published Jul 02, 2003

Tracked Since Feb 18, 2026