Lucene search

[email protected]CVE-2002-0913

HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-0913

2002-10-0404:00:00

[email protected]

web.nvd.nist.gov

cve-2002-0913

format string vulnerability

slurp nntp client

nvd

security

information security

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

77.8%

JSON

Format string vulnerability in log_doit function of Slurp NNTP client 1.1.0 allows a malicious news server to execute arbitrary code on the client via format strings in a server response.

Affected configurations

NVD

Node

stephen_hebditchslurpMatch1.1.0

CPENameOperatorVersion
stephen_hebditch:slurpstephen hebditch slurpeq1.1.0

CPE	Name	Operator	Version
stephen_hebditch:slurp	stephen hebditch slurp	eq	1.1.0

References

archives.neohapsis.com/archives/bugtraq/2002-06/0014.html

marc.info/?l=vuln-dev&m=102323341407280&w=2

www.iss.net/security_center/static/9270.php

www.securityfocus.com/bid/4935

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

77.8%

JSON

Related for CVE-2002-0913

cvelist1 nvd1