JVN/CVE Demo: Cveinfos

CVE

Id: 4766
CVE No.: CVE-2002-0374
Status: Entry
Description: Format string vulnerability in the logging function for the pam_ldap PAM LDAP module before version 144 allows attackers to execute arbitrary code via format strings in the configuration file name.
Phase
Votes
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
23978	4766	CVE-2002-0374	BUGTRAQ:20020506 ldap vulnerabilities	View
23979	4766	CVE-2002-0374	VULNWATCH:20020506 ldap vulnerabilities	View
23980	4766	CVE-2002-0374	URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0053.html	View
23981	4766	CVE-2002-0374	CALDERA:CSSA-2002-041.0	View
23982	4766	CVE-2002-0374	URL:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-041.0.txt	View
23983	4766	CVE-2002-0374	MANDRAKE:MDKSA-2002:075	View
23984	4766	CVE-2002-0374	URL:http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:075	View
23985	4766	CVE-2002-0374	REDHAT:RHSA-2002:084	View
23986	4766	CVE-2002-0374	URL:http://www.redhat.com/support/errata/RHSA-2002-084.html	View
23987	4766	CVE-2002-0374	REDHAT:RHSA-2002:141	View
23988	4766	CVE-2002-0374	URL:http://www.redhat.com/support/errata/RHSA-2002-141.html	View
23989	4766	CVE-2002-0374	REDHAT:RHSA-2002:175	View
23990	4766	CVE-2002-0374	URL:http://www.redhat.com/support/errata/RHSA-2002-175.html	View
23991	4766	CVE-2002-0374	REDHAT:RHSA-2002:180	View
23992	4766	CVE-2002-0374	URL:http://www.redhat.com/support/errata/RHSA-2002-180.html	View
23993	4766	CVE-2002-0374	BUGTRAQ:20021030 GLSA: pam_ldap	View
23994	4766	CVE-2002-0374	URL:http://marc.info/?l=bugtraq&m=103601912505261&w=2	View
23995	4766	CVE-2002-0374	XF:pamldap-config-format-string(9018)	View
23996	4766	CVE-2002-0374	URL:http://www.iss.net/security_center/static/9018.php	View
23997	4766	CVE-2002-0374	BID:4679	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
63792	JVNDB-2002-000119	Red Hat Linux の pam_ldap モジュールにおけるフォーマットストリングの脆弱性	Red Hat Linux の pam_ldap モジュールにおいて、pam_ldap モジュールの設定ファイル名に悪意ある文字列を組み込まれた場合に、syslog () 関数の扱いの不備により、フォーマットストリングが発生する脆弱性が存在します。	CVE-2002-0374	4766	7.5		http://jvndb.jvn.jp/ja/contents/2002/JVNDB-2002-000119.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.28 MB
View render complete	2.71 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.76
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	422.69
Event: Controller.beforeRender	4.12
» Processing toolbar data	4.05
Rendering View	7.52
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	6.62
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.49
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.08
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/4766
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/4766
Remote Port	17142
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	18.117.241.170
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http Cookie	advanced-frontend=r5vdu533lpcgn4t929c67rhm00
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectdos	1
X Dostranslated Ip	18.117.241.170
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	18.117.241.170
Unique Id	aCAOh8b-6fzsyZ8B0UmCwgAAAcM
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectdos	1
Redirect X Dostranslated Ip	18.117.241.170
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	18.117.241.170
Redirect Unique Id	aCAOh8b-6fzsyZ8B0UmCwgAAAcM
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	18.117.241.170
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	18.117.241.170
Redirect Redirect Unique Id	aCAOh8b-6fzsyZ8B0UmCwgAAAcM
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1746931335.7026
Request Time	1746931335

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files