Lucene search

[email protected]CVE-2002-0501

HistoryApr 02, 2003 - 5:00 a.m.

CVE-2002-0501

2003-04-0205:00:00

[email protected]

web.nvd.nist.gov

cve-2002-0501

posadis dns server

vulnerability

format string

code execution

nvd.

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.9%

JSON

Format string vulnerability in log_print() function of Posadis DNS server before version m5pre2 allows local users and possibly remote attackers to execute arbitrary code via format strings that are inserted into logging messages.

Affected configurations

NVD

Node

posadisposadisMatchm5pre1

CPENameOperatorVersion
posadis:posadisposadiseqm5pre1

CPE	Name	Operator	Version
posadis:posadis	posadis	eq	m5pre1

References

online.securityfocus.com/archive/1/264450

sourceforge.net/forum/forum.php?forum_id=165094

www.iss.net/security_center/static/8653.php

www.osvdb.org/3516

www.securityfocus.com/bid/4378

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.9%

JSON

Related for CVE-2002-0501

nvd1 cvelist1