Vulnerabilities > CVE-2002-1159 - Denial Of Service vulnerability in Canna 3.5B2/3.6
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
PARTIAL Summary
Canna 3.6 and earlier does not properly validate requests, which allows remote attackers to cause a denial of service or information leak.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-224.NASL description Several vulnerabilities have been discovered in canna, a Japanese input system. The Common Vulnerabilities and Exposures (CVE) project identified the following vulnerabilities : - CAN-2002-1158 (BugTraq Id 6351): last seen 2020-06-01 modified 2020-06-02 plugin id 15061 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15061 title Debian DSA-224-1 : canna - buffer overflow and more NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2002-261.NASL description The Canna server, used for Japanese character input, has two security vulnerabilities including an exploitable buffer overflow that allows a local user to gain last seen 2020-06-01 modified 2020-06-02 plugin id 12336 published 2004-07-06 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/12336 title RHEL 2.1 : Canna (RHSA-2002:261)
Redhat
| advisories |
|
References
- http://canna.sourceforge.jp/sec/Canna-2002-01.txt
- http://www.debian.org/security/2003/dsa-224
- http://www.redhat.com/support/errata/RHSA-2002-246.html
- http://www.redhat.com/support/errata/RHSA-2002-261.html
- http://www.redhat.com/support/errata/RHSA-2003-115.html
- http://www.securityfocus.com/bid/6354
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10832