Lucene search

[email protected]CVE-2002-2198

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2002-2198

2022-10-0316:23:50

[email protected]

web.nvd.nist.gov

cve-2002-2198

zmailer

buffer overflow

remote code execution

helo processing

ipv6 address

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.4 High

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.2%

JSON

Buffer overflow in ZMailer before 2.99.51_1 allows remote attackers to execute arbitrary code during HELO processing from an IPv6 address, possibly using an address that resolves to a long hostname.

Affected configurations

NVD

Node

zmailerzmailerMatch2.99.45

zmailerzmailerMatch2.99.46

zmailerzmailerMatch2.99.47

zmailerzmailerMatch2.99.48

zmailerzmailerMatch2.99.49

zmailerzmailerMatch2.99.50

zmailerzmailerMatch2.99.51

CPENameOperatorVersion
zmailer:zmailerzmailereq2.99.45
zmailer:zmailerzmailereq2.99.46
zmailer:zmailerzmailereq2.99.47
zmailer:zmailerzmailereq2.99.48
zmailer:zmailerzmailereq2.99.49
zmailer:zmailerzmailereq2.99.50
zmailer:zmailerzmailereq2.99.51

CPE	Name	Operator	Version
zmailer:zmailer	zmailer	eq	2.99.45
zmailer:zmailer	zmailer	eq	2.99.46
zmailer:zmailer	zmailer	eq	2.99.47
zmailer:zmailer	zmailer	eq	2.99.48
zmailer:zmailer	zmailer	eq	2.99.49
zmailer:zmailer	zmailer	eq	2.99.50
zmailer:zmailer	zmailer	eq	2.99.51

References

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:05.asc

www.iss.net/security_center/static/10013.php

www.securityfocus.com/bid/5592

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.4 High

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.2%

JSON

Related for CVE-2002-2198

cvelist1 nvd1