CVE-2002-2004

CWE-49 CWE-50 CWE-42 CWE-23018 documents7 sources

Severity

5.0MEDIUM

EPSS

0.7%

top 29.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Compaq Tru64

Timeline

PublishedDec 31

Latest updateApr 30

Description

portmapper in Compaq Tru64 4.0G and 5.0A allows remote attackers to cause a denial of service via a flood of packets.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDcompaq/tru644.0g, 5.0a+1

🔴Vulnerability Details

GHSA

GHSA-v372-4hc9-7w5p: portmapper in Compaq Tru64 4↗2022-04-30

▶

CVEList

CVE-2002-2004: portmapper in Compaq Tru64 4↗2005-07-14

▶

💥Exploits & PoCs

Exploit-DB

PMB Services 3.0.13 - Multiple Remote File Inclusions↗2007-03-09

▶

Exploit-DB

Microsoft Excel 95/97/2000/2002/2003/2004 - Malformed Range Memory Corruption↗2005-12-08

▶

Exploit-DB

Sysinternals Regmon 6.11 - Local Denial of Service↗2004-08-25

▶

Exploit-DB

Norton AntiVirus - Denial of Service↗2004-07-12

▶

Exploit-DB

Comersus Open Technologies Comersus 5.0 - 'comersus_gatewayPayPal.asp' Price Manipulation↗2004-07-07

▶

📋Vendor Advisories

Red Hat

security flaw↗2004-11-02

▶

Red Hat

CVE-2004-1717: Multiple buffer overflows in the psscan function in ps↗

▶

📐Framework References

CWE

Path Equivalence: 'filename/' (Trailing Slash)

▶

CWE

Path Equivalence: '//multiple/leading/slash'

▶

CWE

Path Equivalence: 'filename.' (Trailing Dot)↗

▶

CWE

Improper Handling of Missing Values

▶

💬Community

Bugzilla

CVE-2004-1006 security flaw↗2018-08-16

▶

Bugzilla

CAN-2003-0977 fix pushed for RH9, but not FC1↗2004-03-20

▶