Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1317

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1317
Last Modified 05 Sep 2008 04:30:17
Published 11 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1317

Summary

Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.

Vulnerable Systems

Operating System

  • Hp-ux 10.10

  • Hp-ux 10.20

  • Hp-ux 10.24

  • Hp-ux 11.00

  • Hp-ux 11.04

  • Hp-ux 11.11

  • Hp-ux 11.22

  • Sgi Irix 6.5

  • Sgi Irix 6.5.1

  • Sgi Irix 6.5.10

  • Sgi Irix 6.5.11

  • Sgi Irix 6.5.12

  • Sgi Irix 6.5.13

  • Sgi Irix 6.5.2

  • Sgi Irix 6.5.3

  • Sgi Irix 6.5.4

  • Sgi Irix 6.5.5

  • Sgi Irix 6.5.6

  • Sgi Irix 6.5.7

  • Sgi Irix 6.5.8

  • Sgi Irix 6.5.9

  • Sun Solaris 2.5.1

  • Sun Solaris 2.6

  • Sun Solaris 7.0

  • Sun Solaris 8.0

  • Sun Solaris 9.0

Application

  • Xfree86 Project X11r6 3.3

  • Xfree86 Project X11r6 3.3.2

  • Xfree86 Project X11r6 3.3.3

  • Xfree86 Project X11r6 3.3.4

  • Xfree86 Project X11r6 3.3.5


References

CERT - CA-2002-34

CERT-VN - VU#312313

BID - 6241

XF - solaris-fsauto-execute-code(10375)

ISS - 20021125 Solaris fs.auto Remote Compromise Vulnerability

CONFIRM - http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/48879

HP - HPSBUX0212-228

CIAC - N-024

BUGTRAQ - 20021125 ISS Security Brief: Solaris fs.auto Remote Compromise Vulnerability

SGI - 20021202-01-I


Last Updated: 27 May 2016 10:37:16