← back
CVE-2003-0773

CVE-2003-0773

EPSS 1.9%
saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANE_NET_INIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txthttp://www.debian.org/security/2003/dsa-379http://www.mandriva.com/security/advisories?name=MDKSA-2003:099http://www.novell.com/linux/security/advisories/2003_046_sane.htmlhttp://www.redhat.com/support/errata/RHSA-2003-278.htmlhttp://www.redhat.com/support/errata/RHSA-2003-285.htmlhttp://www.securityfocus.com/bid/8593http://www.securityfocus.com/bid/8595