Vulnerability Description
Buffer overflows in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to execute arbitrary code via (1) a long DNS hostname that is determined using reverse DNS lookups, (2) a long AUTH string, or (3) certain data in the xtell request.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xtell | Xtell | 1.91.1 |
References
- http://marc.info/?l=bugtraq&m=101494896516467&w=2
- http://www.debian.org/security/2002/dsa-121PatchVendor Advisory
- http://www.iss.net/security_center/static/8312.php
- http://www.securityfocus.com/bid/4193
- http://marc.info/?l=bugtraq&m=101494896516467&w=2
- http://www.debian.org/security/2002/dsa-121PatchVendor Advisory
- http://www.iss.net/security_center/static/8312.php
- http://www.securityfocus.com/bid/4193
FAQ
What is CVE-2002-0332?
CVE-2002-0332 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflows in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to execute arbitrary code via (1) a long DNS hostname that is determined using reverse DNS lookups, (...
How severe is CVE-2002-0332?
CVE-2002-0332 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0332?
Check the references section above for vendor advisories and patch information. Affected products include: Xtell Xtell.