Home > Vulnerability Database > CVE-2002-1755

Mend.io Vulnerability Database

CVE-2002-1755

Date: June 20, 2005

tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on CBC.

Severity Score

5.3

Related Resources (4)

Url: https://nvd.nist.gov/vuln/detail/CVE-2002-1755

Url: http://www.securityfocus.com/archive/1/249142

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/7868

Url: https://www.mend.io/vulnerability-database/CVE-2002-1755

Severity Score

5.3

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

CVSS v2

Base Score:	5.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	PARTIAL
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2002-1755

Date: June 20, 2005

Severity Score

Related Resources (4)

Severity Score

CVSS v3.1

CVSS v2

Do you need more information?