CVE-2002-0525
Published Aug 12, 2002
Last updated 16 years ago
Overview
- Description
- Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:inn:2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2480B45-A626-49F5-A48B-BA6DFAA4411B"
},
{
"criteria": "cpe:2.3:a:isc:inn:2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "21969A37-9F10-4D70-AC73-F3DB4D169AEB"
},
{
"criteria": "cpe:2.3:a:isc:inn:2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "94FD2948-EF52-464B-A605-DA3806037762"
},
{
"criteria": "cpe:2.3:a:isc:inn:2.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1CC41E6D-B892-4888-8AEE-12287935F570"
},
{
"criteria": "cpe:2.3:a:isc:inn:2.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7DED2B74-71B6-467C-8B07-F6F728AD7BF4"
},
{
"criteria": "cpe:2.3:a:isc:inn:2.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "862E58CF-7194-421D-9E7D-60DB8AA1F9CB"
}
],
"operator": "OR"
}
]
}
]