Vulnerability Details : CVE-2002-0501
Format string vulnerability in log_print() function of Posadis DNS server before version m5pre2 allows local users and possibly remote attackers to execute arbitrary code via format strings that are inserted into logging messages.
Vulnerability category: Execute code
Products affected by CVE-2002-0501
- cpe:2.3:a:posadis:posadis:m5pre1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2002-0501
0.37%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 69 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2002-0501
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
References for CVE-2002-0501
-
http://online.securityfocus.com/archive/1/264450
Vendor Advisory
-
http://www.iss.net/security_center/static/8653.php
Vendor Advisory
-
http://sourceforge.net/forum/forum.php?forum_id=165094
-
http://www.securityfocus.com/bid/4378
Patch;Vendor Advisory
Jump to