Lucene search

MitreCVE-2002-1489

HistoryApr 02, 2003 - 5:00 a.m.

CVE-2002-1489

2003-04-0205:00:00

mitre

web.nvd.nist.gov

planetdns

planetweb

buffer overflow

remote attack

arbitrary code execution

security vulnerability

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.3

Confidence

Low

EPSS

0.397

Percentile

97.3%

JSON

Buffer overflow in PlanetDNS PlanetWeb 1.14 and earlier allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long URL or (2) a request with a long method name.

Affected configurations

Nvd

Node

planetdnsplanetwebRange≤1.14

VendorProductVersionCPE
planetdnsplanetweb*cpe:2.3:a:planetdns:planetweb:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
planetdns	planetweb	*	cpe:2.3:a:planetdns:planetweb::::::::

References

archives.neohapsis.com/archives/bugtraq/2002-09/0166.html

archives.neohapsis.com/archives/bugtraq/2002-10/0236.html

www.iss.net/security_center/static/10124.php

www.iss.net/security_center/static/10391.php

www.securityfocus.com/bid/5710

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.3

Confidence

Low

EPSS

0.397

Percentile

97.3%

JSON

Related for CVE-2002-1489