Lucene search

[email protected]CVE-2002-1930

HistoryDec 31, 2002 - 5:00 a.m.

CVE-2002-1930

2002-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

buffer overflow

an httpd

remote code execution

nvd

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.042 Low

EPSS

Percentile

92.2%

JSON

Buffer overflow in AN HTTPd 1.38 through 1.4.1c allows remote attackers to execute arbitrary code via a SOCKS4 request with a long username.

CPENameOperatorVersion
an:an-httpdan an-httpdeq1.41c
an:an-httpdan an-httpdeq1.38
an:an-httpdan an-httpdeq1.40
an:an-httpdan an-httpdeq1.39
an:an-httpdan an-httpdeq1.41
an:an-httpdan an-httpdeq1.41b

CPE	Name	Operator	Version
an:an-httpd	an an-httpd	eq	1.41c
an:an-httpd	an an-httpd	eq	1.38
an:an-httpd	an an-httpd	eq	1.40
an:an-httpd	an an-httpd	eq	1.39
an:an-httpd	an an-httpd	eq	1.41
an:an-httpd	an an-httpd	eq	1.41b

References

archives.neohapsis.com/archives/vulnwatch/2002-q4/0032.html

www.iss.net/security_center/static/10410.php

www.securityfocus.com/bid/6012

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.042 Low

EPSS

Percentile

92.2%

JSON