cbcvebase.
CVE-2002-0412
published 2002-08-12

CVE-2002-0412: Format string vulnerability in TraceEvent function for ntop before 2.1 allows remote attackers to execute arbitrary code by causing format strings to be…

PriorityP337high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
4.17%
89.6th percentile
Format string vulnerability in TraceEvent function for ntop before 2.1 allows remote attackers to execute arbitrary code by causing format strings to be injected into calls to the syslog function, via (1) an HTTP GET request, (2) a user name in HTTP authentication, or (3) a password in HTTP authentication.

Affected

1 ranges
VendorProductVersion rangeFixed in
luca_derintop
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.