Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0437

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2002-0437
Last Modified 05 Sep 2008 04:28:01
Published 26 Jul 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0437

Summary

Smsd in SMS Server Tools (SMStools) before 1.4.8 allows remote attackers to execute arbitrary commands via shell metacharacters (backquotes) in message text, as described with the term "string format vulnerability" by some sources.

Vulnerable Systems

Application

  • Stefan Frings Sms Server Tools 1.4.6

  • Stefan Frings Sms Server Tools 1.4.7


References

BID - 4268

XF - sms-tools-format-string(8433)

CONFIRM - http://www.isis.de/members/~s.frings/smstools/history.html

BUGTRAQ - 20020311 SMStools vulnerabilities in release before 1.4.8


Last Updated: 27 May 2016 10:36:54