CVE-2003-1067

Name: CVE-2003-1067
Creator: NVD / NIST
Published: 2003-06-19T04:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.41%

Last modified Jun 16, 2026

CVE-2003-1067 is a vulnerability of currently unknown severity. Multiple buffer overflows in the (1) dbm_open function, as used in ndbm and dbm, and the (2) dbminit function in Solaris 2.6 through 9 allow local users to gain root privileges via long arguments to Xsun or other programs that use these functions.. EPSS estimates a 0.41% chance of exploitation in the next 30 days.

Description

Multiple buffer overflows in the (1) dbm_open function, as used in ndbm and dbm, and the (2) dbminit function in Solaris 2.6 through 9 allow local users to gain root privileges via long arguments to Xsun or other programs that use these functions.

Metrics

EPSS Probability

0.41%

32.6th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Sun	Solaris	2.6
Sun	Solaris	7.0
Sun	Solaris	8.0
Sun	Solaris	9.0
Sun	Sunos	All versions
Sun	Sunos	5.7
Sun	Sunos	5.8

References

http://secunia.com/advisories/9088/Patch, Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-55420-1Patch, Vendor Advisory
http://www.ciac.org/ciac/bulletins/n-108.shtmlPatch, Vendor Advisory
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
http://www.securityfocus.com/bid/64758
http://www.securityfocus.com/bid/7991Patch, Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/12379
http://secunia.com/advisories/9088/Patch, Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-55420-1Patch, Vendor Advisory
http://www.ciac.org/ciac/bulletins/n-108.shtmlPatch, Vendor Advisory
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
http://www.securityfocus.com/bid/64758
http://www.securityfocus.com/bid/7991Patch, Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/12379

Timeline

Published: Jun 19, 2003
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2003-1067?

How severe is CVE-2003-1067?

Severity scoring for CVE-2003-1067 is pending analysis. The EPSS model estimates a 0.41% probability of exploitation in the next 30 days.

How do I fix CVE-2003-1067?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2003-1067?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST