Lucene search

MitreCVE-2002-0884

HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-0884

2002-10-0404:00:00

mitre

web.nvd.nist.gov

cve

format string

vulnerability

in.rarpd

arp server

solaris

unixware

open unix

remote code execution

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.2

Confidence

Low

EPSS

0.036

Percentile

91.6%

JSON

Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via format strings that are not properly handled in the functions (1) syserr and (2) error.

Affected configurations

Nvd

Node

calderaunixwareMatch7.1.1

Node

calderaopenunixMatch8.0

sunsunosMatch5.7

sunsunosMatch5.8

VendorProductVersionCPE
calderaunixware7.1.1cpe:2.3:a:caldera:unixware:7.1.1:*:*:*:*:*:*:*
calderaopenunix8.0cpe:2.3:o:caldera:openunix:8.0:*:*:*:*:*:*:*
sunsunos5.7cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*
sunsunos5.8cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
caldera	unixware	7.1.1	cpe:2.3:a:caldera:unixware:7.1.1:::::::*
caldera	openunix	8.0	cpe:2.3:o:caldera:openunix:8.0:::::::*
sun	sunos	5.7	cpe:2.3:o:sun:sunos:5.7:::::::*
sun	sunos	5.8	cpe:2.3:o:sun:sunos:5.8:::::::*

References

ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt

archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html

online.securityfocus.com/archive/1/273584

www.iss.net/security_center/static/9150.php

www.securityfocus.com/bid/4791

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.2

Confidence

Low

EPSS

0.036

Percentile

91.6%

JSON

Related for CVE-2002-0884