Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0374

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0374
Last Modified 10 Sep 2008 03:11:51
Published 29 May 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0374

Summary

Format string vulnerability in the logging function for the pam_ldap PAM LDAP module before version 144 allows attackers to execute arbitrary code via format strings in the configuration file name.

Vulnerable Systems

Application

  • Padl Software Pam Ldap 144


References

VULNWATCH - 20020506 ldap vulnerabilities

BID - 4679

REDHAT - RHSA-2002:180

REDHAT - RHSA-2002:175

REDHAT - RHSA-2002:141

REDHAT - RHSA-2002:084

MANDRAKE - MDKSA-2002:075

XF - pamldap-config-format-string(9018)

BUGTRAQ - 20021030 GLSA: pam_ldap

CALDERA - CSSA-2002-041.0


Last Updated: 27 May 2016 10:36:53