CVE-2002-0884
Caldera UnixWare and Open UNIX - Remote Code Execution via Format String in in.rarpd
Title source: llmDescription
Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via format strings that are not properly handled in the functions (1) syserr and (2) error.
References (5)
Core 5
Core References
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/4791
Third Party Advisory mailing-list
x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://online.securityfocus.com/archive/1/273584
Various Sources vendor-advisory
x_refsource_caldera
ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt
Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/9150.php
Scores
EPSS
0.0216
EPSS Percentile
84.5%
Details
Status
published
Products (4)
caldera/openunix
8.0
caldera/unixware
7.1.1
sun/sunos
5.7
sun/sunos
5.8
Published
Oct 04, 2002
Tracked Since
Feb 18, 2026