CVE-2002-0735

Format string vulnerability in the logging() function in C-Note Squid LDAP authentication module (squid_auth_LDAP) 2.0.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code by triggering log messages.

Published: Aug 12, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-0735
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
padl_software / nss_ldap	build_187	build_187.x
padl_software / nss_ldap	build_185.1	build_185.1.x
padl_software / nss_ldap	build_184	build_184.x
padl_software / nss_ldap	build_180	build_180.x
padl_software / nss_ldap	build_189	build_189.x
padl_software / nss_ldap	build_185.2	build_185.2.x
padl_software / nss_ldap	build_186	build_186.x
padl_software / nss_ldap	build_183	build_183.x
padl_software / nss_ldap	build_181	build_181.x
c-note / squid_auth_ldap	1.2_b2	1.2_b2.x
c-note / squid_auth_ldap	1.0.1	1.0.1.x
c-note / squid_auth_ldap	2.0	2.0.x
padl_software / pam_ldap	build_143	build_143.x
c-note / squid_auth_ldap	1.0.2_beta	1.0.2_beta.x
padl_software / nss_ldap	build_188	build_188.x
padl_software / nss_ldap	build_185	build_185.x
padl_software / nss_ldap	build_185.3	build_185.3.x

Vulnerability Database

290,278

CVE-2002-0735