Vulnerability Description
fasttrack p2p, as used in (1) KaZaA, (2) grokster, and (3) morpheus allows remote attackers to spoof other users by modifying the username and network information in the message header.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fasttrack | Kazaa | 1.2 |
| Grokster | Grokster | 1.3 |
| Music City Networks | Morpheus | 1.3 |
References
- http://marc.info/?l=bugtraq&m=101441689224760&w=2
- http://www.iss.net/security_center/static/8272.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/4121ExploitPatchVendor Advisory
- http://marc.info/?l=bugtraq&m=101441689224760&w=2
- http://www.iss.net/security_center/static/8272.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/4121ExploitPatchVendor Advisory
FAQ
What is CVE-2002-0315?
CVE-2002-0315 is a vulnerability with a CVSS score of 7.5 (HIGH). fasttrack p2p, as used in (1) KaZaA, (2) grokster, and (3) morpheus allows remote attackers to spoof other users by modifying the username and network information in the message header.
How severe is CVE-2002-0315?
CVE-2002-0315 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0315?
Check the references section above for vendor advisories and patch information. Affected products include: Fasttrack Kazaa, Grokster Grokster, Music City Networks Morpheus.