Lucene search

MitreCVE-2002-2280

HistoryOct 18, 2007 - 10:00 a.m.

CVE-2002-2280

2007-10-1810:00:00

CWE-16

mitre

web.nvd.nist.gov

cve-2002-2280

syslogd

openbsd

ifconfig

nvd

information security

vulnerability

ip address

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.7

Confidence

Low

EPSS

0.001

Percentile

20.4%

JSON

syslogd on OpenBSD 2.9 through 3.2 does not change the source IP address of syslog packets when the machine’s IP addressed is changed without rebooting, e.g. via ifconfig, which can cause incorrect information to be sent to the syslog server.

Affected configurations

Nvd

Node

openbsdopenbsdMatch2.9

openbsdopenbsdMatch3.0

openbsdopenbsdMatch3.1

openbsdopenbsdMatch3.2

VendorProductVersionCPE
openbsdopenbsd2.9cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*
openbsdopenbsd3.0cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*
openbsdopenbsd3.1cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*
openbsdopenbsd3.2cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
openbsd	openbsd	2.9	cpe:2.3:o:openbsd:openbsd:2.9:::::::*
openbsd	openbsd	3.0	cpe:2.3:o:openbsd:openbsd:3.0:::::::*
openbsd	openbsd	3.1	cpe:2.3:o:openbsd:openbsd:3.1:::::::*
openbsd	openbsd	3.2	cpe:2.3:o:openbsd:openbsd:3.2:::::::*

References

archives.neohapsis.com/archives/bugtraq/2002-11/0272.html

www.securityfocus.com/bid/6219

exchange.xforce.ibmcloud.com/vulnerabilities/10702

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.7

Confidence

Low

EPSS

0.001

Percentile

20.4%

JSON

Related for CVE-2002-2280