CVE-2002-0796Use of Externally-Controlled Format String in Solaris

3 documents3 sources
Severity
10.0CRITICALNVD
EPSS
3.5%
top 12.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SUN SolarisSUN Sunos
Timeline
PublishedAug 12
Latest updateApr 30

Description

Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDsun/solaris2.6, 7.0, 8.0+2
NVDsun/sunos5.6, 5.7, 5.8+2

Patches

Patch: sunsolve.sun.comPatch: www.iss.netPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-7x97-25gq-x656: Format string vulnerability in the logging component of snmpdx for Solaris 52022-04-30
CVEList
CVE-2002-0796: Format string vulnerability in the logging component of snmpdx for Solaris 52002-07-26
CVE-2002-0796 — SUN Solaris vulnerability | cvebase