CVE-2002-1565 - Vulnerability Details - OpenCVE

Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Immunix	Immunix
Redhat	Enterprise Linux

Configuration 1 [-]

cpe:2.3:a:immunix:immunix:7:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux AS (Advanced Server) version 2.1
	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2003:372	2003-12-10T00:00:00Z
Red Hat Enterprise Linux ES version 2.1
	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2003:372	2003-12-10T00:00:00Z
Red Hat Enterprise Linux WS version 2.1
	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2003:372	2003-12-10T00:00:00Z
Red Hat Linux Advanced Workstation 2.1
	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2003:372	2003-12-10T00:00:00Z

References

Link	Providers
ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-003.0.txt
ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000716
http://marc.info/?l=bugtraq&m=105474357016184&w=2
http://www.debian.org/security/2002/dsa-209
http://www.redhat.com/support/errata/RHSA-2003-372.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/10851
https://nvd.nist.gov/vuln/detail/CVE-2002-1565
https://www.cve.org/CVERecord?id=CVE-2002-1565

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2003-06-05T04:00:00

Updated: 2024-08-08T03:26:28.998Z

Reserved: 2003-06-04T00:00:00

Link: CVE-2002-1565

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2003-06-16T04:00:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2002-1565

Redhat

Severity : Low

Publid Date: 2002-12-12T00:00:00Z

Links: CVE-2002-1565 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-12-12T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20040202-01-U", "tags": ["vendor-advisory", "x_refsource_SGI"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"}, {"name": "CSSA-2003-003.0", "tags": ["vendor-advisory", "x_refsource_SCO"], "url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-003.0.txt"}, {"name": "CLA-2003:716", "tags": ["vendor-advisory", "x_refsource_CONECTIVA"], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000716"}, {"name": "DSA-209", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2002/dsa-209"}, {"name": "20030604 Immunix Secured OS 7+ wget update", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=105474357016184&w=2"}, {"name": "RHSA-2003:372", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2003-372.html"}, {"name": "wget-url-filename-bo(10851)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10851"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-1565", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20040202-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"}, {"name": "CSSA-2003-003.0", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-003.0.txt"}, {"name": "CLA-2003:716", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000716"}, {"name": "DSA-209", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2002/dsa-209"}, {"name": "20030604 Immunix Secured OS 7+ wget update", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=105474357016184&w=2"}, {"name": "RHSA-2003:372", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-372.html"}, {"name": "wget-url-filename-bo(10851)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10851"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T03:26:28.998Z"}, "title": "CVE Program Container", "references": [{"name": "20040202-01-U", "tags": ["vendor-advisory", "x_refsource_SGI", "x_transferred"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"}, {"name": "CSSA-2003-003.0", "tags": ["vendor-advisory", "x_refsource_SCO", "x_transferred"], "url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-003.0.txt"}, {"name": "CLA-2003:716", "tags": ["vendor-advisory", "x_refsource_CONECTIVA", "x_transferred"], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000716"}, {"name": "DSA-209", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2002/dsa-209"}, {"name": "20030604 Immunix Secured OS 7+ wget update", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=105474357016184&w=2"}, {"name": "RHSA-2003:372", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2003-372.html"}, {"name": "wget-url-filename-bo(10851)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10851"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-1565", "datePublished": "2003-06-05T04:00:00", "dateReserved": "2003-06-04T00:00:00", "dateUpdated": "2024-08-08T03:26:28.998Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:immunix:immunix:7:*:*:*:*:*:*:*", "matchCriteriaId": "5B1168B3-4B2D-435C-BF48-A19BAA8D75AB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en la funci\u00f3n url_filename de wget 1.8.1 permite que atacantes remotos causen una denegaci\u00f3n de servicio (\"segmentation fault\") y posiblemente ejecuten c\u00f3digo arbitrario mediante una URL muy larga"}], "id": "CVE-2002-1565", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2003-06-16T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-003.0.txt"}, {"source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"}, {"source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000716"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=105474357016184&w=2"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.debian.org/security/2002/dsa-209"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-372.html"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10851"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-003.0.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000716"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=105474357016184&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.debian.org/security/2002/dsa-209"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-372.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10851"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}