Vulnerability Details CVE-2002-0884
Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via format strings that are not properly handled in the functions (1) syserr and (2) error.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.023
EPSS Ranking 84.1%
CVSS Severity
CVSS v2 Score 7.5
References
- ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt
- http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html
- http://online.securityfocus.com/archive/1/273584
- http://www.iss.net/security_center/static/9150.php
- http://www.securityfocus.com/bid/4791
- ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt
- http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html
- http://online.securityfocus.com/archive/1/273584
- http://www.iss.net/security_center/static/9150.php
- http://www.securityfocus.com/bid/4791