Vulnerability Details CVE-2001-1320
Network Associates PGP Keyserver 7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via exceptional BER encodings (possibly buffer overflows), as demonstrated by the PROTOS LDAPv3 test suite.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.683
EPSS Ranking 99.2%
CVSS Severity
CVSS v2 Score 7.5
References
- http://ciac.llnl.gov/ciac/bulletins/l-116.shtml
- http://www.cert.org/advisories/CA-2001-18.html
- http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3/
- http://www.kb.cert.org/vuls/id/765256
- http://www.kb.cert.org/vuls/id/JPLA-4WESNK
- http://www.securityfocus.com/bid/3046
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6900
- http://ciac.llnl.gov/ciac/bulletins/l-116.shtml
- http://www.cert.org/advisories/CA-2001-18.html
- http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3/
- http://www.kb.cert.org/vuls/id/765256
- http://www.kb.cert.org/vuls/id/JPLA-4WESNK
- http://www.securityfocus.com/bid/3046
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6900