Lucene search

[email protected]CVE-2002-2396

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2002-2396

2022-10-0316:23:49

CWE-119

[email protected]

web.nvd.nist.gov

cve-2002-2396

buffer overflow

advanced tftp

atftp

local code execution

nvd

7.9 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.1%

JSON

Buffer overflow in Advanced TFTP (atftp) 0.5 and 0.6, if installed setuid or setgid, may allow local users to execute arbitrary code via a long argument to the -g option.

Affected configurations

NVD

Node

remi_lefebvreadvanced_tftpMatch0.5

remi_lefebvreadvanced_tftpMatch0.6

CPENameOperatorVersion
remi_lefebvre:advanced_tftpremi lefebvre advanced tftpeq0.5
remi_lefebvre:advanced_tftpremi lefebvre advanced tftpeq0.6

CPE	Name	Operator	Version
remi_lefebvre:advanced_tftp	remi lefebvre advanced tftp	eq	0.5
remi_lefebvre:advanced_tftp	remi lefebvre advanced tftp	eq	0.6

References

www.iss.net/security_center/static/10142.php

www.netric.org/advisories/netric-adv010.txt

www.securityfocus.com/bid/5760

7.9 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2002-2396

nvd1 cvelist1