Vulnerability Name:
CVE-2002-1317 (CCN-10375)
Assigned:
2002-11-25
Published:
2002-11-25
Updated:
2018-10-30
Summary:
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.
CVSS v3 Severity:
7.3 High
(CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
Low
Integrity (I):
Low
Availability (A):
Low
CVSS v2 Severity:
7.5 High
(CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
Partial
Availability (A):
Partial
7.5 High
(CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
Partial
Availability (A):
Partial
Vulnerability Type:
CWE-Other
Vulnerability Consequences:
Gain Access
References:
Source: CCN
Type: SGI Security Advisory 20021202-01-I
Buffer Overflow Vulnerability in X Font Server
Source: SGI
Type: UNKNOWN
20021202-01-I
Source: CCN
Type: Internet Security Systems Security Advisory, November 25, 2002
Solaris fs.auto Remote Compromise Vulnerability
Source: ISS
Type: Patch, Vendor Advisory
20021125 Solaris fs.auto Remote Compromise Vulnerability
Source: MITRE
Type: CNA
CVE-2002-1317
Source: BUGTRAQ
Type: UNKNOWN
20021125 ISS Security Brief: Solaris fs.auto Remote Compromise Vulnerability
Source: CCN
Type: Sun Microsystems Web site
SunSolve Home
Source: CCN
Type: Sun Alert ID: 48879
X Font Server Can Allow Denial of Service
Source: CONFIRM
Type: UNKNOWN
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/48879
Source: CCN
Type: CERT Advisory CA-2002-34
Buffer Overflow in Solaris X Window Font Service
Source: CERT
Type: Third Party Advisory, US Government Resource
CA-2002-34
Source: CCN
Type: CIAC Information Bulletin N-024
Buffer Overflow Vulnerability in Solaris X Window Font Service
Source: CIAC
Type: UNKNOWN
N-024
Source: XF
Type: Patch, Vendor Advisory
solaris-fsauto-execute-code(10375)
Source: CCN
Type: US-CERT VU#312313
Solaris X Window Font Service (XFS) daemon contains buffer overflow in Dispatch() function
Source: CERT-VN
Type: US Government Resource
VU#312313
Source: CCN
Type: OSVDB ID: 15140
Solaris fs.auto XFS Font Server Crafted XFS Query Remote Overflow
Source: HP
Type: UNKNOWN
HPSBUX0212-228
Source: BID
Type: Patch, Vendor Advisory
6241
Source: CCN
Type: BID-6241
Multiple Vendor X Font Server Remote Buffer Overrun Vulnerability
Source: XF
Type: UNKNOWN
solaris-fsauto-execute-code(10375)
Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:149
Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:152
Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:2816
Vulnerable Configuration:
Configuration 1:
cpe:/a:xfree86_project:x11r6:3.3:*:*:*:*:*:*:*
OR
cpe:/a:xfree86_project:x11r6:3.3.2:*:*:*:*:*:*:*
OR
cpe:/a:xfree86_project:x11r6:3.3.3:*:*:*:*:*:*:*
OR
cpe:/a:xfree86_project:x11r6:3.3.4:*:*:*:*:*:*:*
OR
cpe:/a:xfree86_project:x11r6:3.3.5:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.1:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.2:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.3:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.4:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.5:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.6:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.7:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.8:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.9:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.10:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.11:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.12:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.13:*:*:*:*:*:*:*
Configuration 2:
cpe:/o:hp:hp-ux:10.10:*:*:*:*:*:*:*
OR
cpe:/o:hp:hp-ux:10.20:*:*:*:*:*:*:*
OR
cpe:/o:hp:hp-ux:10.24:*:*:*:*:*:*:*
OR
cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*
OR
cpe:/o:hp:hp-ux:11.04:*:*:*:*:*:*:*
OR
cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:*
OR
cpe:/o:hp:hp-ux:11.22:*:*:*:*:*:*:*
OR
cpe:/o:sun:solaris:2.5.1:*:ppc:*:*:*:*:*
OR
cpe:/o:sun:solaris:2.5.1:*:x86:*:*:*:*:*
OR
cpe:/o:sun:sunos:5.6:*:*:*:*:*:*:*
OR
cpe:/o:sun:solaris:7.0:*:x86:*:*:*:*:*
OR
cpe:/o:sun:solaris:8.0:*:x86:*:*:*:*:*
OR
cpe:/o:sun:solaris:9.0:*:sparc:*:*:*:*:*
OR
cpe:/o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*
OR
cpe:/o:sun:sunos:-:*:*:*:*:*:*:*
OR
cpe:/o:sun:sunos:5.5.1:*:*:*:*:*:*:*
OR
cpe:/o:sun:sunos:5.7:*:*:*:*:*:*:*
OR
cpe:/o:sun:sunos:5.8:*:*:*:*:*:*:*
Configuration CCN 1:
cpe:/o:sun:sunos:5.5.1:*:*:*:*:*:*:*
OR
cpe:/o:sun:sunos:5.6:*:*:*:*:*:*:*
OR
cpe:/o:sun:solaris:8.0:beta:*:*:*:*:*:*
OR
cpe:/o:sun:sunos:5.9:*:*:*:*:*:*:*
OR
cpe:/o:sun:sunos:5.7:*:*:*:*:*:*:*
AND
cpe:/o:ibm:aix:4.3:*:*:*:*:*:*:*
OR
cpe:/o:ibm:aix:5.1:*:*:*:*:*:*:*
OR
cpe:/o:ibm:aix:5.2:*:*:*:*:*:*:*
Oval Definitions:
Definition ID | Class | Title | Last Modified
oval:org.mitre.oval:def:149 | V | Solaris 8 X Font Server Remote Buffer Overrun | 2010-09-20
oval:org.mitre.oval:def:152 | V | Solaris 7 X Font Server Remote Buffer Overrun | 2010-09-20
oval:org.mitre.oval:def:2816 | V | XFS Dispatch() Buffer Overflow | 2010-09-20
xfree86_project x11r6 3.3
xfree86_project x11r6 3.3.2
xfree86_project x11r6 3.3.3
xfree86_project x11r6 3.3.4
xfree86_project x11r6 3.3.5
sgi irix 6.5
sgi irix 6.5.1
sgi irix 6.5.2
sgi irix 6.5.3
sgi irix 6.5.4
sgi irix 6.5.5
sgi irix 6.5.6
sgi irix 6.5.7
sgi irix 6.5.8
sgi irix 6.5.9
sgi irix 6.5.10
sgi irix 6.5.11
sgi irix 6.5.12
sgi irix 6.5.13
hp hp-ux 10.10
hp hp-ux 10.20
hp hp-ux 10.24
hp hp-ux 11.00
hp hp-ux 11.04
hp hp-ux 11.11
hp hp-ux 11.22
sun solaris 2.5.1
sun solaris 2.5.1
sun solaris 2.6
sun solaris 7.0
sun solaris 8.0
sun solaris 9.0
sun solaris 9.0 x86_update_2
sun sunos -
sun sunos 5.5.1
sun sunos 5.7
sun sunos 5.8
sun solaris 2.5.1
sun solaris 2.6
sun solaris 8.0 beta
sun solaris 9
sun solaris 7.0
ibm aix 4.3
ibm aix 5.1
ibm aix 5.2