Vulnerabilities > CVE-2002-0884 - Multiple vulnerability in Multiple Vendor In.Rarpd

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

caldera

sun

NVD

Published: 2002-10-04

Updated: 2018-10-30

Summary

Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via format strings that are not properly handled in the functions (1) syserr and (2) error.

Vulnerable Configurations

Part	Description	Count
Application	Caldera Caldera Unixware 7.1.1	1
OS	Caldera Caldera Openunix 8.0	1
OS	Sun SUN Sunos 5.7 SUN Sunos 5.8	2

References

ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html
http://online.securityfocus.com/archive/1/273584
http://www.iss.net/security_center/static/9150.php
http://www.securityfocus.com/bid/4791