Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2002-1347

Date: December 18, 2002

Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) an off-by-one error in the log writer, which does not allocate space for the null character that terminates a string.

Severity Score

Related Resources (15)

http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html
http://www.redhat.com/support/errata/RHSA-2002-283.html
https://nvd.nist.gov/vuln/detail/CVE-2002-1347
http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000557
http://archives.neohapsis.com/archives/linux/suse/2002-q4/1275.html
http://www.securityfocus.com/advisories/4826
http://www.securityfocus.com/bid/6347
https://exchange.xforce.ibmcloud.com/vulnerabilities/10812
http://www.securityfocus.com/bid/6349
http://marc.info/?l=bugtraq&m=103946297703402&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/10811
http://www.securityfocus.com/bid/6348
http://www.debian.org/security/2002/dsa-215
https://exchange.xforce.ibmcloud.com/vulnerabilities/10810
https://www.mend.io/vulnerability-database/CVE-2002-1347

Severity Score

Weakness Type (CWE)

Incorrect Calculation of Buffer Size

CWE-131

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): NONE
Availability (A): HIGH

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): PARTIAL
Integrity (I): NONE
Availability (A): PARTIAL
Additional information:

Do you need more information?

Contact Us