CVE-2002-1998

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2002-1998
Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21).

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.12/CSSA-2002-SCO.12.txt Patch Vendor Advisory
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-01/0127.html Exploit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-01/0129.html Exploit
http://www.iss.net/security_center/static/8597.php Patch
ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.12/CSSA-2002-SCO.12.txt Patch Vendor Advisory
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-01/0127.html Exploit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-01/0129.html Exploit
http://www.iss.net/security_center/static/8597.php Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:sco:open_unix:8.0.0:*:*:*:*:*:*:*
cpe:2.3:o:sco:unixware:7.1.1:*:*:*:*:*:*:*
History

20 Nov 2024, 23:42

Type Values Removed Values Added
References () ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.12/CSSA-2002-SCO.12.txt - Patch, Vendor Advisory () ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.12/CSSA-2002-SCO.12.txt - Patch, Vendor Advisory
References () http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-01/0127.html - Exploit () http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-01/0127.html - Exploit
References () http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-01/0129.html - Exploit () http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-01/0129.html - Exploit
References () http://www.iss.net/security_center/static/8597.php - Patch () http://www.iss.net/security_center/static/8597.php - Patch
Information

Published : 2002-12-31 05:00

Updated : 2025-04-03 01:03

NVD link : CVE-2002-1998

Mitre link : CVE-2002-1998

CVE.ORG link : CVE-2002-1998

JSON object : View

Products Affected

sco

  • open_unix
  • unixware
CWE
NVD-CWE-Other