Lucene search

[email protected]CVE-2002-0359

HistoryApr 02, 2003 - 5:00 a.m.

CVE-2002-0359

2003-04-0205:00:00

[email protected]

web.nvd.nist.gov

irix 6.5

xfsmd

weak authentication

rpc functions

root access

nvd

cve-2002-0359

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

High

0.022 Low

EPSS

Percentile

89.4%

JSON

xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which allows remote attackers to call dangerous RPC functions, including those that can mount or unmount xfs file systems, to gain root privileges.

Affected configurations

NVD

Node

sgiirixMatch6.2

sgiirixMatch6.3

sgiirixMatch6.4

sgiirixMatch6.5

sgiirixMatch6.5.1

sgiirixMatch6.5.2

sgiirixMatch6.5.2f

sgiirixMatch6.5.2m

sgiirixMatch6.5.3

sgiirixMatch6.5.3f

sgiirixMatch6.5.3m

sgiirixMatch6.5.4

sgiirixMatch6.5.4f

sgiirixMatch6.5.4m

sgiirixMatch6.5.5

sgiirixMatch6.5.5f

sgiirixMatch6.5.5m

sgiirixMatch6.5.6

sgiirixMatch6.5.6f

sgiirixMatch6.5.6m

sgiirixMatch6.5.7

sgiirixMatch6.5.7f

sgiirixMatch6.5.7m

sgiirixMatch6.5.8

sgiirixMatch6.5.8f

sgiirixMatch6.5.8m

sgiirixMatch6.5.9

sgiirixMatch6.5.9f

sgiirixMatch6.5.9m

sgiirixMatch6.5.10

sgiirixMatch6.5.10f

sgiirixMatch6.5.10m

sgiirixMatch6.5.11

sgiirixMatch6.5.11f

sgiirixMatch6.5.11m

sgiirixMatch6.5.12

sgiirixMatch6.5.12f

sgiirixMatch6.5.12m

sgiirixMatch6.5.13

sgiirixMatch6.5.13f

sgiirixMatch6.5.13m

sgiirixMatch6.5.14

sgiirixMatch6.5.14f

sgiirixMatch6.5.14m

sgiirixMatch6.5.15

sgiirixMatch6.5.15f

sgiirixMatch6.5.15m

sgiirixMatch6.5.16

CPENameOperatorVersion
sgi:irixsgi irixeq6.2
sgi:irixsgi irixeq6.3
sgi:irixsgi irixeq6.4
sgi:irixsgi irixeq6.5
sgi:irixsgi irixeq6.5.1
sgi:irixsgi irixeq6.5.2
sgi:irixsgi irixeq6.5.2f
sgi:irixsgi irixeq6.5.2m
sgi:irixsgi irixeq6.5.3
sgi:irixsgi irixeq6.5.3f

CPE	Name	Operator	Version
sgi:irix	sgi irix	eq	6.2
sgi:irix	sgi irix	eq	6.3
sgi:irix	sgi irix	eq	6.4
sgi:irix	sgi irix	eq	6.5
sgi:irix	sgi irix	eq	6.5.1
sgi:irix	sgi irix	eq	6.5.2
sgi:irix	sgi irix	eq	6.5.2f
sgi:irix	sgi irix	eq	6.5.2m
sgi:irix	sgi irix	eq	6.5.3
sgi:irix	sgi irix	eq	6.5.3f

Rows per page:

1-10 of 481

References

ftp://patches.sgi.com/support/free/security/advisories/20020606-01-I

marc.info/?l=bugtraq&m=102459162909825&w=2

www.iss.net/security_center/static/9401.php

www.kb.cert.org/vuls/id/521147

www.securityfocus.com/bid/5072

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

High

0.022 Low

EPSS

Percentile

89.4%

JSON

Related for CVE-2002-0359

nvd1 cvelist1 cert2 securityvulns1