Vulnerability Details CVE-2002-1825
Format string vulnerability in PerlRTE_example1.pl in WASD 7.1, 7.2.0 through 7.2.3, and 8.0.0 allows remote attackers to execute arbitrary commands or crash the server via format strings in the $name variable.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 76.9%
CVSS Severity
CVSS v2 Score 6.4
References
- http://wasd.vsm.com.au/ht_root/doc/misc/wasd_advisory_020925.txt
- http://www.iss.net/security_center/static/10213.php
- http://www.osvdb.org/21288
- http://www.securityfocus.com/archive/1/293229
- http://www.securityfocus.com/bid/5811
- http://www.teaser.fr/~jlgailly/security/wasd-vuln-2002-09.txt
- http://wasd.vsm.com.au/ht_root/doc/misc/wasd_advisory_020925.txt
- http://www.iss.net/security_center/static/10213.php
- http://www.osvdb.org/21288
- http://www.securityfocus.com/archive/1/293229
- http://www.securityfocus.com/bid/5811
- http://www.teaser.fr/~jlgailly/security/wasd-vuln-2002-09.txt
Products affected by CVE-2002-1825
-
cpe:2.3:a:wasd:wasd_http_server:7.1
-
cpe:2.3:a:wasd:wasd_http_server:7.2
-
cpe:2.3:a:wasd:wasd_http_server:7.2.1
-
cpe:2.3:a:wasd:wasd_http_server:7.2.2
-
cpe:2.3:a:wasd:wasd_http_server:7.2.3
-
cpe:2.3:a:wasd:wasd_http_server:8.0