Lucene search

[email protected]CVE-2002-0598

HistoryJun 18, 2002 - 4:00 a.m.

CVE-2002-0598

2002-06-1804:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

format string vulnerability

foundstone fscan 1.12

remote code execution

cve-2002-0598

nvd

8.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.018 Low

EPSS

Percentile

87.9%

JSON

Format string vulnerability in Foundstone FScan 1.12 with banner grabbing enabled allows remote attackers to execute arbitrary code on the scanning system via format string specifiers in the server banner.

CPENameOperatorVersion
foundstone:fscanfoundstone fscaneq1.12

CPE	Name	Operator	Version
foundstone:fscan	foundstone fscan	eq	1.12

References

online.securityfocus.com/archive/1/268581

www.foundstone.com/knowledge/fscan112_advisory.html

www.iss.net/security_center/static/8895.php

www.securityfocus.com/bid/4549

8.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.018 Low

EPSS

Percentile

87.9%

JSON