Vulnerability Description
Buffer overflow in (1) lprintf and (2) cprintf in sysdep.c of Citadel/UX 5.90 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attacks such as a long HELO command to the SMTP server.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Citadel | Ux | <= 5.90 |
References
- http://online.securityfocus.com/archive/1/260934Vendor Advisory
- http://uncensored.citadel.org/pub/citadel/citadel-ux-5.91.tar.gz
- http://www.iss.net/security_center/static/8426.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/4263PatchVendor Advisory
- http://online.securityfocus.com/archive/1/260934Vendor Advisory
- http://uncensored.citadel.org/pub/citadel/citadel-ux-5.91.tar.gz
- http://www.iss.net/security_center/static/8426.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/4263PatchVendor Advisory
FAQ
What is CVE-2002-0432?
CVE-2002-0432 is a vulnerability with a CVSS score of 10.0 (HIGH). Buffer overflow in (1) lprintf and (2) cprintf in sysdep.c of Citadel/UX 5.90 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attacks s...
How severe is CVE-2002-0432?
CVE-2002-0432 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0432?
Check the references section above for vendor advisories and patch information. Affected products include: Citadel Ux.