Vulnerability Details : CVE-2002-0901
Multiple buffer overflows in Advanced Maryland Automatic Network Disk Archiver (AMANDA) 2.3.0.4 allow (1) remote attackers to execute arbitrary code via long commands to the amindexd daemon, or certain local users to execute arbitrary code via long command line arguments to the programs (2) amcheck, (3) amgetidx, (4) amtrmidx, (5) createindex-dump, or (6) createindex-gnutar.
Vulnerability category: Execute code
Exploit prediction scoring system (EPSS) score for CVE-2002-0901
Probability of exploitation activity in the next 30 days: 2.27%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 88 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2002-0901
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2002-0901
-
http://www.securityfocus.com/bid/4840
Patch;Vendor Advisory
-
http://www.iss.net/security_center/static/9182.php
Patch;Vendor Advisory
-
http://www.iss.net/security_center/static/9181.php
Patch;Vendor Advisory
-
http://online.securityfocus.com/archive/1/274215
-
http://www.securityfocus.com/bid/4836
Patch;Vendor Advisory
Products affected by CVE-2002-0901
- cpe:2.3:a:amanda:amanda:2.3.0.4:*:*:*:*:*:*:*