Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0315

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0315
Last Modified 05 Sep 2008 04:27:42
Published 25 Jun 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0315

Summary

fasttrack p2p, as used in (1) KaZaA, (2) grokster, and (3) morpheus allows remote attackers to spoof other users by modifying the username and network information in the message header.

Vulnerable Systems

Application

  • Fasttrack Kazaa 1.2

  • Fasttrack Kazaa 1.3

  • Fasttrack Kazaa 1.3.3

  • Fasttrack Kazaa 1.4

  • Fasttrack Kazaa 1.5

  • Grokster 1.3

  • Grokster 1.3.3

  • Music City Networks Morpheus 1.3

  • Music City Networks Morpheus 1.3.3


References

BID - 4121

XF - fasttrack-message-service-spoof(8272)

BUGTRAQ - 20020222 Morpheus, Kazaa and Grokster Remote DoS. Also Identity faking vulnerability.


Last Updated: 27 May 2016 10:36:52