CVE-2002-0033

Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://archives.neohapsis.com/archives/bugtraq/2002-05/0026.html	Vendor Advisory
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F44309	Patch Vendor Advisory
http://www.cert.org/advisories/CA-2002-11.html	Patch Third Party Advisory US Government Resource
http://www.iss.net/security_center/static/8999.php
http://www.kb.cert.org/vuls/id/635811	US Government Resource
http://www.securityfocus.com/bid/4674
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A124
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A31
http://archives.neohapsis.com/archives/bugtraq/2002-05/0026.html	Vendor Advisory
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F44309	Patch Vendor Advisory
http://www.cert.org/advisories/CA-2002-11.html	Patch Third Party Advisory US Government Resource
http://www.iss.net/security_center/static/8999.php
http://www.kb.cert.org/vuls/id/635811	US Government Resource
http://www.securityfocus.com/bid/4674
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A124
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A31

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:sun:solaris:2.5.1::sparc:::::
	cpe:2.3:o:sun:solaris:2.5.1::x86:::::
	cpe:2.3:o:sun:solaris:2.6::sparc:::::
	cpe:2.3:o:sun:solaris:7.0::sparc:::::
	cpe:2.3:o:sun:solaris:7.0::x86:::::
	cpe:2.3:o:sun:solaris:8.0::sparc:::::
	cpe:2.3:o:sun:solaris:8.0::x86:::::
	cpe:2.3:o:sun:sunos:-:::::::*

History

20 Nov 2024, 23:38

Type	Values Removed	Values Added
References	~~() http://archives.neohapsis.com/archives/bugtraq/2002-05/0026.html - Vendor Advisory~~	() http://archives.neohapsis.com/archives/bugtraq/2002-05/0026.html - Vendor Advisory
References	~~() http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F44309 - Patch, Vendor Advisory~~	() http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F44309 - Patch, Vendor Advisory
References	~~() http://www.cert.org/advisories/CA-2002-11.html - Patch, Third Party Advisory, US Government Resource~~	() http://www.cert.org/advisories/CA-2002-11.html - Patch, Third Party Advisory, US Government Resource
References	~~() http://www.iss.net/security_center/static/8999.php -~~	() http://www.iss.net/security_center/static/8999.php -
References	~~() http://www.kb.cert.org/vuls/id/635811 - US Government Resource~~	() http://www.kb.cert.org/vuls/id/635811 - US Government Resource
References	~~() http://www.securityfocus.com/bid/4674 -~~	() http://www.securityfocus.com/bid/4674 -
References	~~() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A124 -~~	() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A124 -
References	~~() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A31 -~~	() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A31 -

Information

Published : 2002-05-29 04:00

Updated : 2024-11-20 23:38

NVD link : CVE-2002-0033

Mitre link : CVE-2002-0033

CVE.ORG link : CVE-2002-0033

JSON object : View

Products Affected

sun

sunos
solaris

CWE

NVD-CWE-Other

10.0 /10