CVE-2002-1789

2022-10-0316:23:46

mitre

www.cve.org

format string

vulnerability

newsx nntp client

arbitrary code

syslog function

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

Format string vulnerability in newsx NNTP client before 1.4.8 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a call to the syslog function.

References

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:05.asc

www.iss.net/security_center/static/9583.php

www.securityfocus.com/bid/5240