Lucene search

[email protected]CVE-2002-2368

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2002-2368

2022-10-0316:23:50

CWE-119

[email protected]

web.nvd.nist.gov

cve-2002-2368

buffer overflow

nec

socks5

denial of service

code execution

security vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.021 Low

EPSS

Percentile

89.3%

JSON

Multiple buffer overflows in NEC SOCKS5 1.0 r11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long username to (1) the GetString function in proxy.c for the SOCKS5 module or (2) the HandleS4Connection function in proxy.c for the SOCKS4 module.

Affected configurations

NVD

Node

necsocks_5Range≤1.0r11

CPENameOperatorVersion
nec:socks_5nec socks 5le1.0r11

CPE	Name	Operator	Version
nec:socks_5	nec socks 5	le	1.0r11

References

archives.neohapsis.com/archives/bugtraq/2002-07/0033.html

www.iss.net/security_center/static/9485.php

www.securityfocus.com/bid/5145

www.securityfocus.com/bid/5147

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.021 Low

EPSS

Percentile

89.3%

JSON

Related for CVE-2002-2368

openvas1 cvelist1 nvd1 nessus1