Executive Summary

Informations
Name CVE-2002-1788 First vendor Publication 2002-12-31
Vendor Cve Last vendor Modification 2008-09-05

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Format string vulnerability in the nn_exitmsg function in nn 6.6.0 through 6.6.3 allows remote NNTP servers to execute arbitrary code via format strings in server responses.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1788

CAPEC : Common Attack Pattern Enumeration & Classification

Id Name
CAPEC-67 String Format Overflow in syslog()

CWE : Common Weakness Enumeration

% Id Name

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 4

Open Source Vulnerability Database (OSVDB)

Id Description
27086 Multiple Vendor nn nn_exitmsg Function Remote Format String

A remote overflow exists in nm. The nm software fails to handle specific client error messages resulting in a format string vulnerability. With a specially crafted request, an attacker can cause the user to execute arbitrary commands on the system with the privileges of the nn process.

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/5160
BUGTRAQ http://online.securityfocus.com/archive/1/280639
OSVDB http://www.osvdb.org/27086
XF http://www.iss.net/security_center/static/9491.php

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
Date Informations
2021-05-04 12:01:51
  • Multiple Updates
2021-04-22 01:01:59
  • Multiple Updates
2020-05-23 00:15:12
  • Multiple Updates
2016-06-28 15:01:06
  • Multiple Updates
2013-05-11 12:14:21
  • Multiple Updates