Lucene search

[email protected]CVE-2002-1957

HistoryJun 28, 2005 - 4:00 a.m.

CVE-2002-1957

2005-06-2804:00:00

[email protected]

web.nvd.nist.gov

cve-2002-1957

buffer overflow

pen

remote execution

netlog

security vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

82.1%

JSON

Buffer overflow in the netlog function in pen.c for Pen 0.9.1 and 0.9.2 allows remote attackers to execute arbitrary commands via malformed log messages.

Affected configurations

NVD

Node

penpenMatch0.9.1

penpenMatch0.9.2

CPENameOperatorVersion
pen:penpeneq0.9.1
pen:penpeneq0.9.2

CPE	Name	Operator	Version
pen:pen	pen	eq	0.9.1
pen:pen	pen	eq	0.9.2

References

siag.nu/pen/news-0.9.3.shtml

www.iss.net/security_center/static/9505.php

www.securityfocus.com/bid/5152

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

82.1%

JSON

Related for CVE-2002-1957

cvelist1 nvd1 debiancve1