Lucene search

MitreCVE-2002-0909

HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-0909

2002-10-0404:00:00

mitre

web.nvd.nist.gov

cve-2002-0909

buffer overflow

mnews

remote code execution

privilege escalation

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.3

Confidence

Low

EPSS

Percentile

5.2%

JSON

Multiple buffer overflows in mnews 1.22 and earlier allow (1) a remote NNTP server to execute arbitrary code via long responses, or local users can gain privileges via long command line arguments (2) -f, (3) -n, (4) -D, (5) -M, or (6) -P, or via long environment variables (7) JNAMES or (8) MAILSERVER.

Affected configurations

Nvd

Node

matsushita_researchmnewsRange≤1.2.2

VendorProductVersionCPE
matsushita_researchmnews*cpe:2.3:a:matsushita_research:mnews:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
matsushita_research	mnews	*	cpe:2.3:a:matsushita_research:mnews::::::::

References

archives.neohapsis.com/archives/bugtraq/2002-05/0287.html

marc.info/?l=bugtraq&m=102306166201275&w=2

marc.info/?l=vuln-dev&m=102297259123103&w=2

www.iss.net/security_center/static/9226.php

www.iss.net/security_center/static/9227.php

www.securityfocus.com/bid/4899

www.securityfocus.com/bid/4900

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.3

Confidence

Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2002-0909