Vulnerability Details : CVE-2002-1364
Buffer overflow in the get_origin function in traceroute-nanog allows attackers to execute arbitrary code via long WHOIS responses.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2002-1364
Probability of exploitation activity in the next 30 days: 0.21%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 58 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2002-1364
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
References for CVE-2002-1364
-
http://marc.info/?l=bugtraq&m=103858895600963&w=2
- http://www.debian.org/security/2003/dsa-254
-
http://www.novell.com/linux/security/advisories/2002_043_traceroute_nanog_nkitb.html
-
http://www.securityfocus.com/bid/6166
Exploit;Patch;Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/10778
Products affected by CVE-2002-1364
- cpe:2.3:a:ehud_gavron:tracesroute:6.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ehud_gavron:tracesroute:6.0:*:*:*:*:*:*:*