CVE-2002-0884

Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via format strings that are not properly handled in the functions (1) syserr and (2) error.

Score7.5
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published2002-10-04 12:00:00.000-04
Last Modified2018-10-30 12:26:22.000-04

Vulnerable Software List

VendorProductVersions
Caldera Openunix 8.0
Caldera Unixware 7.1.1
Sun Sunos 5.7, 5.8

References

SourceLink
CALDERACSSA-2002-SCO.29
VULNWATCH20020521 [VulnWatch] [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd
BUGTRAQ20020522 [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd
XFsolaris-inrarpd-code-execution(9150)
BID4791