CVE-2002-2003

CWE-239 CWE-439 CWE-42240 documents8 sources

Severity

5.0MEDIUM

EPSS

0.3%

top 42.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Compaq Tru64

Timeline

PublishedDec 31

Latest updateApr 30

Description

ypbind in Compaq Tru64 4.0F, 4.0G, 5.0A, 5.1 and 5.1A allows remote attackers to cause the process to core dump via certain network packets generated by nmap.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDcompaq/tru645 versions+4

🔴Vulnerability Details

GHSA

GHSA-2qc3-c6vw-rhw6: ypbind in Compaq Tru64 4↗2022-04-30

▶

CVEList

CVE-2002-2003: ypbind in Compaq Tru64 4↗2005-07-14

▶

💥Exploits & PoCs

Exploit-DB

Web Server Creator Web Portal 0.1 - Multiple Vulnerabilities↗2010-02-24

▶

Exploit-DB

Microsoft Office 2000/2002 - Property Code Execution↗2006-07-11

▶

Exploit-DB

Microsoft Excel 95/97/2000/2002/2003/2004 - Malformed Range Memory Corruption↗2005-12-08

▶

Exploit-DB

Microsoft Jet Database - 'msjet40.dll' Code Execution (Reverse Shell) (2)↗2005-04-22

▶

Exploit-DB

Microsoft Jet Database - 'msjet40.dll' DB File Buffer Overflow↗2005-04-11

▶

📋Vendor Advisories

Cisco

Cisco Secure Access Control Server for Windows Admin Buffer Overflow Vulnerability↗2003-04-23

▶

Red Hat

security flaw↗2003-03-29

▶

Red Hat

security flaw↗2003-03-19

▶

📐Framework References

CWE

Failure to Handle Incomplete Element↗

▶

CWE

Behavioral Change in New Version or Environment↗

▶

CWE

Unprotected Windows Messaging Channel ('Shatter')

▶

💬Community

Bugzilla

CVE-2003-0161 security flaw↗2018-08-16

▶

Bugzilla

CVE-2003-0028 security flaw↗2018-08-16

▶

Bugzilla

A number of tomcat issues↗2007-05-09

▶

Bugzilla

CAN-2003-0977 fix pushed for RH9, but not FC1↗2004-03-20

▶

Bugzilla

CAN-2002-1565 Wget buffer overflow↗2003-11-24

▶