CVE-2002-0600

Published Jun 18, 2002

Last updated 16 years ago

CVSS info 7.5

Overview

Description: Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote malicious servers to execute arbitrary code on the client via a long response to a passive (PASV) mode request.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:kth:kth_kerberos:4_1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06A9B61C-C250-4C7C-A396-5EEC664EF905"
          },
          {
            "criteria": "cpe:2.3:a:kth:kth_kerberos:4_1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E0A425C-FD5F-4383-98A2-B664DD1449C8"
          },
          {
            "criteria": "cpe:2.3:a:kth:kth_kerberos:4_1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "955A41BC-4778-4A42-9929-29FC0A3C7844"
          },
          {
            "criteria": "cpe:2.3:a:kth:kth_kerberos:4_1.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29F8D229-133F-4890-AFF4-7FDC355F6397"
          },
          {
            "criteria": "cpe:2.3:a:luke_mewburn:lukemftp:1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "066AA8A7-F0B0-48D6-BF76-86FBB71FDCC1"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References