Vulnerability Details CVE-2002-0735
Format string vulnerability in the logging() function in C-Note Squid LDAP authentication module (squid_auth_LDAP) 2.0.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code by triggering log messages.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0053.html
- http://marc.info/?l=vuln-dev&m=102070267500932&w=2
- http://online.securityfocus.com/archive/1/271173
- http://www.iss.net/security_center/static/9019.php
- http://www.securityfocus.com/bid/4679
- http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0053.html
- http://marc.info/?l=vuln-dev&m=102070267500932&w=2
- http://online.securityfocus.com/archive/1/271173
- http://www.iss.net/security_center/static/9019.php
- http://www.securityfocus.com/bid/4679
Products affected by CVE-2002-0735
-
cpe:2.3:a:c-note:squid_auth_ldap:1.0.1
-
cpe:2.3:a:c-note:squid_auth_ldap:1.0.2_beta
-
cpe:2.3:a:c-note:squid_auth_ldap:1.2_b2
-
cpe:2.3:a:c-note:squid_auth_ldap:2.0
-
cpe:2.3:a:padl_software:nss_ldap:build_180
-
cpe:2.3:a:padl_software:nss_ldap:build_181
-
cpe:2.3:a:padl_software:nss_ldap:build_183
-
cpe:2.3:a:padl_software:nss_ldap:build_184
-
cpe:2.3:a:padl_software:nss_ldap:build_185
-
cpe:2.3:a:padl_software:nss_ldap:build_185.1
-
cpe:2.3:a:padl_software:nss_ldap:build_185.2
-
cpe:2.3:a:padl_software:nss_ldap:build_185.3
-
cpe:2.3:a:padl_software:nss_ldap:build_186
-
cpe:2.3:a:padl_software:nss_ldap:build_187
-
cpe:2.3:a:padl_software:nss_ldap:build_188
-
cpe:2.3:a:padl_software:nss_ldap:build_189
-
cpe:2.3:a:padl_software:pam_ldap:build_143