Vulnerability Description
Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via format strings that are not properly handled in the functions (1) syserr and (2) error.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Caldera | Unixware | 7.1.1 |
| Caldera | Openunix | 8.0 |
| Sun | Sunos | 5.7 |
References
- ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt
- http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html
- http://online.securityfocus.com/archive/1/273584
- http://www.iss.net/security_center/static/9150.phpVendor Advisory
- http://www.securityfocus.com/bid/4791PatchVendor Advisory
- ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt
- http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html
- http://online.securityfocus.com/archive/1/273584
- http://www.iss.net/security_center/static/9150.phpVendor Advisory
- http://www.securityfocus.com/bid/4791PatchVendor Advisory
FAQ
What is CVE-2002-0884?
CVE-2002-0884 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via ...
How severe is CVE-2002-0884?
CVE-2002-0884 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0884?
Check the references section above for vendor advisories and patch information. Affected products include: Caldera Unixware, Caldera Openunix, Sun Sunos.