CVE-2002-0412 in ntopinformazioni

Riassunto

di MITRE

Format string vulnerability in TraceEvent function for ntop before 2.1 allows remote attackers to execute arbitrary code by causing format strings to be injected into calls to the syslog function, via (1) an HTTP GET request, (2) a user name in HTTP authentication, or (3) a password in HTTP authentication.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Divulgazione

12/08/2002

Moderazione

accettato

Voce

VDB-18488

CPE

pronto

CWE

CWE-134 (confermato)

CVSS

7.5 (NVD)

EPSS

0.04170

KEV

Attività

molto basso

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2002-0412
NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-0412
CVE Details	https://www.cvedetails.com/cve/CVE-2002-0412/

◂ Precedente Visione D'ensemble Il prossimo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!