Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0587

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0587
Last Modified 05 Sep 2008 04:28:25
Published 18 Jun 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0587

Summary

Buffer overflow in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to cause a denial of service or execute arbitrary code via the Error or Notice parameters.

Vulnerable Systems

Application

  • Aol Server 3.0

  • Aol Server 3.1

  • Aol Server 3.2

  • Aol Server 3.2.1

  • Aol Server 3.3

  • Aol Server 3.3.1

  • Aol Server 3.4

  • Aol Server 3.4.1

  • Aol Server 3.4.2


References

BUGTRAQ - 20020416 [CERT-intexxia] AOLServer DB Proxy Daemon Format String Vulnerability

CONFIRM - http://sourceforge.net/tracker/index.php?func=detail&aid=533141&group_id=3152&atid=303152

CONFIRM - http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/aolserver/aolserver/nspd/log.c.diff?r1=1.4&r2=1.4.6.1


Last Updated: 27 May 2016 10:36:59