Vulnerability Details : CVE-2003-0359
nethack 3.4.0 and earlier installs certain setgid binaries with insecure permissions, which allows local users to gain privileges by replacing the original binaries with malicious code.
Exploit prediction scoring system (EPSS) score for CVE-2003-0359
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2003-0359
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST |
References for CVE-2003-0359
-
http://www.debian.org/security/2003/dsa-316
Patch;Vendor Advisory
Products affected by CVE-2003-0359
- cpe:2.3:a:stichting_mathematisch_centrum:nethack:3.4.0:*:*:*:*:*:*:*