Executive Summary

Informations
Name CVE-2002-0573 First vendor Publication 2002-07-03
Vendor Cve Last vendor Modification 2024-11-20

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0573

CAPEC : Common Attack Pattern Enumeration & Classification

Id Name
CAPEC-67 String Format Overflow in syslog()

CWE : Common Weakness Enumeration

% Id Name

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:41
 
Oval ID: oval:org.mitre.oval:def:41
Title: Solaris 7 RWall Daemon Syslog Format String Vulnerability
Description: Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed.
Family: unix Class: vulnerability
Reference(s): CVE-2002-0573
 Version: 3
Platform(s): Sun Solaris 7
 Product(s): rpc.rwalld
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:79
 
Oval ID: oval:org.mitre.oval:def:79
Title: Solaris 8 RWall Daemon Syslog Format String Vulnerability
Description: Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed.
Family: unix Class: vulnerability
Reference(s): CVE-2002-0573
 Version: 3
Platform(s): Sun Solaris 8
 Product(s): rpc.rwalld
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 2
Os 4

OpenVAS Exploits

Date Description
2009-06-03 Name : Solaris Update for /usr/lib/netsvc/rwall/rpc.rwalld 112846-01
File : nvt/gb_solaris_112846_01.nasl
2009-06-03 Name : Solaris Update for /usr/lib/netsvc/rwall/rpc.rwalld 112875-01
File : nvt/gb_solaris_112875_01.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
778 Solaris rpc.rwalld Remote Format String Arbitrary Code Execution

A format string vulnerability exists in Solaris's rpc.rwalld daemon. When the wall command cannot be executed, there is a format string vulnerability in the message which should be generated to the syslog function. If the attacker is able to force this message to be called, with a specially crafted request the attacker can cause remote execution of arbitrary code, resulting in a loss of confidentiality, integrity, and/or availability.

Snort® IPS/IDS

Date Description
2014-01-10 portmap walld udp format string attack attempt
RuleID : 12609 - Revision : 7 - Type : PROTOCOL-RPC
2014-01-10 portmap walld udp request
RuleID : 12608 - Revision : 8 - Type : PROTOCOL-RPC

Nessus® Vulnerability Scanner

Date Description
2002-05-02 Name : An RPC service is running.
File : rwalld_format_string.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0049.html
http://online.securityfocus.com/archive/1/270268
http://www.cert.org/advisories/CA-2002-10.html
http://www.iss.net/security_center/static/8971.php
http://www.kb.cert.org/vuls/id/638099
http://www.osvdb.org/778
http://www.securityfocus.com/bid/4639
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
Date Informations
2024-11-28 23:23:55
  • Multiple Updates
2024-11-28 12:05:04
  • Multiple Updates
2024-08-02 12:02:12
  • Multiple Updates
2024-08-02 01:01:19
  • Multiple Updates
2024-02-02 01:02:00
  • Multiple Updates
2024-02-01 12:01:21
  • Multiple Updates
2023-09-05 12:01:55
  • Multiple Updates
2023-09-05 01:01:12
  • Multiple Updates
2023-09-02 12:01:56
  • Multiple Updates
2023-09-02 01:01:12
  • Multiple Updates
2023-08-12 12:02:18
  • Multiple Updates
2023-08-12 01:01:12
  • Multiple Updates
2023-08-11 12:02:00
  • Multiple Updates
2023-08-11 01:01:14
  • Multiple Updates
2023-08-06 12:01:51
  • Multiple Updates
2023-08-06 01:01:13
  • Multiple Updates
2023-08-04 12:01:54
  • Multiple Updates
2023-08-04 01:01:13
  • Multiple Updates
2023-07-14 12:01:53
  • Multiple Updates
2023-07-14 01:01:14
  • Multiple Updates
2023-03-29 01:01:51
  • Multiple Updates
2023-03-28 12:01:18
  • Multiple Updates
2022-10-11 12:01:41
  • Multiple Updates
2022-10-11 01:01:06
  • Multiple Updates
2021-05-04 12:01:41
  • Multiple Updates
2021-04-22 01:01:49
  • Multiple Updates
2020-05-23 00:14:59
  • Multiple Updates
2018-10-31 00:19:41
  • Multiple Updates
2017-10-10 09:23:24
  • Multiple Updates
2016-06-28 14:58:53
  • Multiple Updates
2016-04-26 12:10:31
  • Multiple Updates
2014-02-17 10:24:43
  • Multiple Updates
2014-01-19 21:21:41
  • Multiple Updates
2013-05-11 12:09:59
  • Multiple Updates