Lucene search

[email protected]CVE-2001-0974

HistoryJul 17, 2001 - 4:00 a.m.

CVE-2001-0974

2001-07-1704:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

security vulnerability

oracle

internet directory server

ldap

remote code execution.

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.5%

JSON

Format string vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.

CPENameOperatorVersion
oracle:internet_directoryoracle internet directoryeq2.1.1
oracle:internet_directoryoracle internet directoryeq3.0.1

CPE	Name	Operator	Version
oracle:internet_directory	oracle internet directory	eq	2.1.1
oracle:internet_directory	oracle internet directory	eq	3.0.1

References

www.cert.org/advisories/CA-2001-18.html

www.ciac.org/ciac/bulletins/l-116.shtml

www.kb.cert.org/vuls/id/869184

www.securityfocus.com/bid/3048

exchange.xforce.ibmcloud.com/vulnerabilities/6903

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.5%

JSON

Related for CVE-2001-0974

cert1