{"api_version":"1","generated_at":"2026-04-23T06:07:24+00:00","cve":"CVE-2002-0885","urls":{"html":"https://cve.report/CVE-2002-0885","api":"https://cve.report/api/cve/CVE-2002-0885.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2002-0885","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2002-0885"},"summary":{"title":"CVE-2002-0885","description":"Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and possibly other operating systems including Caldera UnixWare and Open UNIX, allow remote attackers to execute arbitrary code, possibly via the functions (1) syserr and (2) error.","state":"PUBLISHED","assigner":"mitre","published_at":"2002-10-04 04:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt","name":"ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://www.securityfocus.com/bid/4791","name":"http://www.securityfocus.com/bid/4791","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Multiple Vendor In.Rarpd Multiple Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.iss.net/security_center/static/9150.php","name":"http://www.iss.net/security_center/static/9150.php","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"ISS X-Force Database: solaris-inrarpd-code-execution (9150): Solaris in.rarpd multiple buffer overflows and format strings could allow an attacker to execute arbitrary code","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html","name":"http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Neohapsis Archives - VulnWatch - [VulnWatch] [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd - From davidreign@hotmail.com","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://online.securityfocus.com/archive/1/273584","name":"http://online.securityfocus.com/archive/1/273584","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus HOME Mailing List: BugTraq","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2002-0885","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2002-0885","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2002","cve_id":"885","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"caldera","cpe5":"openunix","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2002","cve_id":"885","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"caldera","cpe5":"unixware","cpe6":"7.1.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2002","cve_id":"885","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"sun","cpe5":"sunos","cpe6":"5.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2002","cve_id":"885","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"sun","cpe5":"sunos","cpe6":"5.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-08T03:03:49.306Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"4791","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/4791"},{"name":"20020521 [VulnWatch] [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd","tags":["mailing-list","x_refsource_VULNWATCH","x_transferred"],"url":"http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html"},{"name":"20020522 [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://online.securityfocus.com/archive/1/273584"},{"tags":["x_refsource_MISC","x_transferred"],"url":"ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt"},{"name":"solaris-inrarpd-code-execution(9150)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"http://www.iss.net/security_center/static/9150.php"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2002-05-22T00:00:00.000Z","descriptions":[{"lang":"en","value":"Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and possibly other operating systems including Caldera UnixWare and Open UNIX, allow remote attackers to execute arbitrary code, possibly via the functions (1) syserr and (2) error."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2002-09-10T09:00:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"4791","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/4791"},{"name":"20020521 [VulnWatch] [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd","tags":["mailing-list","x_refsource_VULNWATCH"],"url":"http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html"},{"name":"20020522 [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://online.securityfocus.com/archive/1/273584"},{"tags":["x_refsource_MISC"],"url":"ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt"},{"name":"solaris-inrarpd-code-execution(9150)","tags":["vdb-entry","x_refsource_XF"],"url":"http://www.iss.net/security_center/static/9150.php"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2002-0885","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and possibly other operating systems including Caldera UnixWare and Open UNIX, allow remote attackers to execute arbitrary code, possibly via the functions (1) syserr and (2) error."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"4791","refsource":"BID","url":"http://www.securityfocus.com/bid/4791"},{"name":"20020521 [VulnWatch] [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd","refsource":"VULNWATCH","url":"http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html"},{"name":"20020522 [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd","refsource":"BUGTRAQ","url":"http://online.securityfocus.com/archive/1/273584"},{"name":"ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt","refsource":"MISC","url":"ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt"},{"name":"solaris-inrarpd-code-execution(9150)","refsource":"XF","url":"http://www.iss.net/security_center/static/9150.php"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2002-0885","datePublished":"2002-08-31T04:00:00.000Z","dateReserved":"2002-08-16T00:00:00.000Z","dateUpdated":"2024-08-08T03:03:49.306Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2002-10-04 04:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:caldera:unixware:7.1.1:*:*:*:*:*:*:*","matchCriteriaId":"9341A7B9-9087-4022-BA1C-254B0050FA88"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:caldera:openunix:8.0:*:*:*:*:*:*:*","matchCriteriaId":"979D9A9B-2A7E-40D4-846C-A195EC89CCEA"},{"vulnerable":true,"criteria":"cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*","matchCriteriaId":"08003947-A4F1-44AC-84C6-9F8D097EB759"},{"vulnerable":true,"criteria":"cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*","matchCriteriaId":"A2475113-CFE4-41C8-A86F-F2DA6548D224"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2002","CveId":"885","Ordinal":"1","Title":"CVE-2002-0885","CVE":"CVE-2002-0885","Year":"2002"},"notes":[{"CveYear":"2002","CveId":"885","Ordinal":"1","NoteData":"Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and possibly other operating systems including Caldera UnixWare and Open UNIX, allow remote attackers to execute arbitrary code, possibly via the functions (1) syserr and (2) error.","Type":"Description","Title":"CVE-2002-0885"},{"CveYear":"2002","CveId":"885","Ordinal":"2","NoteData":"2002-08-31","Type":"Other","Title":"Published"},{"CveYear":"2002","CveId":"885","Ordinal":"3","NoteData":"2002-09-10","Type":"Other","Title":"Modified"}]}}}