CVE-2002-0884

Published: Oct 4, 2002Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via format strings that are not properly handled in the functions (1) syserr and (2) error.

Affected (4)

Products: Caldera: Unixware, Openunix · Sun: Sunos

2 products

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Caldera Unixware	Version 7.1.1

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Caldera Openunix	Version 8.0
Sun Sunos	Version 5.7
Sun Sunos	Version 5.8

References (10)

ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt (unsafe URL)

Source: cve@mitre.org

http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html

Source: cve@mitre.org

http://online.securityfocus.com/archive/1/273584

Source: cve@mitre.org

http://www.iss.net/security_center/static/9150.php

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/4791

Source: cve@mitre.org

PatchVendor Advisory

ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt (unsafe URL)

Source: af854a3a-2127-422b-91ae-364da2661108

http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://online.securityfocus.com/archive/1/273584

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.iss.net/security_center/static/9150.php

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/4791

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.