Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1391

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1391
Last Modified 05 Sep 2008 04:30:28
Published 17 Jan 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1391

Summary

Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Caller ID string with a long CallerName argument.

Vulnerable Systems

Application

  • Gert Doering Mgetty 1.1.29


References

CONFIRM - http://search.alphanet.ch/cgi-bin/search.cgi?msgid=20021125142338.E12094%40greenie.muc.de&max_results=1&type=long&domain=ml-mgetty

XF - mgetty-cndprogram-callername-bo(11072)

BID - 7303

REDHAT - RHSA-2003:036

REDHAT - RHSA-2003:008

GENTOO - GLSA-200304-09

CALDERA - CSSA-2003-021.0


Last Updated: 27 May 2016 10:37:18