Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0501

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2002-0501
Last Modified 05 Sep 2008 04:28:11
Published 12 Aug 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-0501

Summary

Format string vulnerability in log_print() function of Posadis DNS server before version m5pre2 allows local users and possibly remote attackers to execute arbitrary code via format strings that are inserted into logging messages.

Vulnerable Systems

Application

  • Posadis M5pre1


References

BID - 4378

XF - posadis-logging-format-string(8653)

CONFIRM - http://sourceforge.net/forum/forum.php?forum_id=165094

BUGTRAQ - 20020327 Format String Bug in Posadis DNS Server

OSVDB - 3516


Last Updated: 27 May 2016 10:36:56