Lucene search

[email protected]CVE-2001-0441

HistoryJun 27, 2001 - 4:00 a.m.

CVE-2001-0441

2001-06-2704:00:00

[email protected]

web.nvd.nist.gov

cve-2001-0441

buffer overflow

slrn news reader

nvd

version 0.9.7.0

remote command execution

7.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.2%

JSON

Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.

Affected configurations

NVD

Node

debiandebian_linuxRange≤2.2

mandrakesoftmandrake_linuxMatch6.0

mandrakesoftmandrake_linuxMatch6.1

mandrakesoftmandrake_linuxMatch7.0

mandrakesoftmandrake_linuxMatch7.1

mandrakesoftmandrake_linuxMatch7.2

mandrakesoftmandrake_linux_corporate_serverMatch1.0.1

redhatlinuxMatch6.2

redhatlinuxMatch7.0

CPENameOperatorVersion
debian:debian_linuxdebian debian linuxle2.2
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeq6.0
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeq6.1
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeq7.0
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeq7.1
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeq7.2
mandrakesoft:mandrake_linux_corporate_servermandrakesoft mandrake linux corporate servereq1.0.1
redhat:linuxredhat linuxeq6.2
redhat:linuxredhat linuxeq7.0

CPE	Name	Operator	Version
debian:debian_linux	debian debian linux	le	2.2
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	6.0
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	6.1
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	7.0
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	7.1
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	7.2
mandrakesoft:mandrake_linux_corporate_server	mandrakesoft mandrake linux corporate server	eq	1.0.1
redhat:linux	redhat linux	eq	6.2
redhat:linux	redhat linux	eq	7.0

References

archives.neohapsis.com/archives/freebsd/2001-04/0610.html

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000383

marc.info/?l=bugtraq&m=98471253131191&w=2

www.debian.org/security/2001/dsa-040

www.linux-mandrake.com/en/security/2001/MDKSA-2001-028.php3

www.redhat.com/support/errata/RHSA-2001-028.html

www.securityfocus.com/bid/2493

exchange.xforce.ibmcloud.com/vulnerabilities/6213

7.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.2%

JSON

Related for CVE-2001-0441

nessus2 cvelist1 openvas2 nvd1