cvelistv5 - cve-2002-0073

CVE-2002-0073 (GCVE-0-2002-0073)

Vulnerability from cvelistv5

Published

2003-04-02 05:00

Modified

2024-08-08 02:35

Severity ?

CWE

Summary

References

URL

Tags

cve@mitre.org	http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0023.html
cve@mitre.org	http://marc.info/?l=bugtraq&m=101901273810598&w=2
cve@mitre.org	http://www.cert.org/advisories/CA-2002-09.html	US Government Resource
cve@mitre.org	http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
cve@mitre.org	http://www.digitaloffense.net/msftpd/advisory.txt
cve@mitre.org	http://www.iss.net/security_center/static/8801.php
cve@mitre.org	http://www.kb.cert.org/vuls/id/412203	US Government Resource
cve@mitre.org	http://www.osvdb.org/3328
cve@mitre.org	http://www.securityfocus.com/bid/4482
cve@mitre.org	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A24
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A35
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0023.html
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=101901273810598&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www.cert.org/advisories/CA-2002-09.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
af854a3a-2127-422b-91ae-364da2661108	http://www.digitaloffense.net/msftpd/advisory.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/security_center/static/8801.php
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/412203	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/3328
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/4482
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A24
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A35

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:35:17.441Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "iis-ftp-session-status-dos(8801)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/8801.php"
          },
          {
            "name": "20020417 Microsoft FTP Service STAT Globbing DoS",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=101901273810598\u0026w=2"
          },
          {
            "name": "VU#412203",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/412203"
          },
          {
            "name": "20020416 [VulnWatch] Microsoft FTP Service STAT Globbing DoS",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0023.html"
          },
          {
            "name": "oval:org.mitre.oval:def:24",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A24"
          },
          {
            "name": "3328",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/3328"
          },
          {
            "name": "MS02-018",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018"
          },
          {
            "name": "oval:org.mitre.oval:def:35",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A35"
          },
          {
            "name": "4482",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4482"
          },
          {
            "name": "CA-2002-09",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.cert.org/advisories/CA-2002-09.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.digitaloffense.net/msftpd/advisory.txt"
          },
          {
            "name": "20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-04-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-07-17T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "iis-ftp-session-status-dos(8801)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/8801.php"
        },
        {
          "name": "20020417 Microsoft FTP Service STAT Globbing DoS",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=101901273810598\u0026w=2"
        },
        {
          "name": "VU#412203",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/412203"
        },
        {
          "name": "20020416 [VulnWatch] Microsoft FTP Service STAT Globbing DoS",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0023.html"
        },
        {
          "name": "oval:org.mitre.oval:def:24",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A24"
        },
        {
          "name": "3328",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/3328"
        },
        {
          "name": "MS02-018",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018"
        },
        {
          "name": "oval:org.mitre.oval:def:35",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A35"
        },
        {
          "name": "4482",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4482"
        },
        {
          "name": "CA-2002-09",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.cert.org/advisories/CA-2002-09.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.digitaloffense.net/msftpd/advisory.txt"
        },
        {
          "name": "20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-0073",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "iis-ftp-session-status-dos(8801)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/8801.php"
            },
            {
              "name": "20020417 Microsoft FTP Service STAT Globbing DoS",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=101901273810598\u0026w=2"
            },
            {
              "name": "VU#412203",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/412203"
            },
            {
              "name": "20020416 [VulnWatch] Microsoft FTP Service STAT Globbing DoS",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0023.html"
            },
            {
              "name": "oval:org.mitre.oval:def:24",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A24"
            },
            {
              "name": "3328",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/3328"
            },
            {
              "name": "MS02-018",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018"
            },
            {
              "name": "oval:org.mitre.oval:def:35",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A35"
            },
            {
              "name": "4482",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4482"
            },
            {
              "name": "CA-2002-09",
              "refsource": "CERT",
              "url": "http://www.cert.org/advisories/CA-2002-09.html"
            },
            {
              "name": "http://www.digitaloffense.net/msftpd/advisory.txt",
              "refsource": "MISC",
              "url": "http://www.digitaloffense.net/msftpd/advisory.txt"
            },
            {
              "name": "20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-0073",
    "datePublished": "2003-04-02T05:00:00",
    "dateReserved": "2002-02-21T00:00:00",
    "dateUpdated": "2024-08-08T02:35:17.441Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2002-0073\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2002-04-22T04:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters.\"},{\"lang\":\"es\",\"value\":\"El servicio FTP en Intenet Information Server (IIS) 4.0, 5.0 y 5.1 permite a atacantes que han establecido una sesi\u00f3n FTP causar una denegaci\u00f3n de servicio mediante una petici\u00f3n de estado especialmente formada.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:internet_information_server:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D47E9C4-5439-4A82-BBD8-D6B482B47E51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:internet_information_services:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"413C07EA-139F-4B7D-A58B-835BD2591FA0\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0023.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=101901273810598\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.cert.org/advisories/CA-2002-09.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.digitaloffense.net/msftpd/advisory.txt\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.iss.net/security_center/static/8801.php\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/412203\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/3328\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/4482\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A24\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A35\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0023.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=101901273810598\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cert.org/advisories/CA-2002-09.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.digitaloffense.net/msftpd/advisory.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.iss.net/security_center/static/8801.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/412203\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/3328\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/4482\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A24\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A35\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

var-200204-0009

Vulnerability from variot

The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters. A vulnerability in IIS could allow an intruder to disrupt ordinary operations of both FTP and Web services on vulnerable IIS servers. The condition is present when a request is made for the FTP transfer status is made via the STAT command. A client issuing this command with a large number of file globbing characters as the argument may cause the service to crash. On IIS 4.0 servers, the service must be manually restarted. On IIS 5.0 and 5.1 servers, the service will restart itself automatically. A number of Cisco products are affected by this vulnerability, although this issue is not present in the Cisco products themselves

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200204-0009",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "internet information server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "microsoft",
        "version": "4.0"
      },
      {
        "model": "internet information services",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "microsoft",
        "version": "5.0"
      },
      {
        "model": "iis",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "microsoft",
        "version": "5.1"
      },
      {
        "model": "iis",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "microsoft",
        "version": "5.0"
      },
      {
        "model": "iis",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "microsoft",
        "version": "4.0"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": "internet information server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "5.0"
      },
      {
        "model": "internet information server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "5.1"
      },
      {
        "model": "unity server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.4"
      },
      {
        "model": "unity server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.3"
      },
      {
        "model": "unity server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.2"
      },
      {
        "model": "unity server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.1"
      },
      {
        "model": "unity server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.0"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.2"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.1"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.0"
      },
      {
        "model": "building broadband service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1"
      },
      {
        "model": "building broadband service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0"
      },
      {
        "model": "building broadband service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.5"
      },
      {
        "model": "building broadband service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.4"
      },
      {
        "model": "building broadband service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.3"
      },
      {
        "model": "building broadband service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.2"
      },
      {
        "model": "building broadband service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0.1"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#412203"
      },
      {
        "db": "BID",
        "id": "4482"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000079"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200204-017"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-0073"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:microsoft:iis",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000079"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "H D Moore\u203b hdm@metasploit.com",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200204-017"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2002-0073",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2002-0073",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2002-0073",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#412203",
            "trust": 0.8,
            "value": "24.48"
          },
          {
            "author": "NVD",
            "id": "CVE-2002-0073",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200204-017",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#412203"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000079"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200204-017"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-0073"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters. A vulnerability in IIS could allow an intruder to disrupt ordinary operations of both  FTP and Web services on vulnerable IIS servers. \nThe condition is present when a request is made for the FTP transfer status is made via the STAT command.  A client issuing this command with a large number of file globbing characters as the argument may cause the service to crash. \nOn IIS 4.0 servers, the service must be manually restarted.  On IIS 5.0 and 5.1 servers, the service will restart itself automatically. \nA number of Cisco products are affected by this vulnerability, although this issue is not present in the Cisco products themselves",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2002-0073"
      },
      {
        "db": "CERT/CC",
        "id": "VU#412203"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000079"
      },
      {
        "db": "BID",
        "id": "4482"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#412203",
        "trust": 3.5
      },
      {
        "db": "NVD",
        "id": "CVE-2002-0073",
        "trust": 2.7
      },
      {
        "db": "BID",
        "id": "4482",
        "trust": 2.7
      },
      {
        "db": "OSVDB",
        "id": "3328",
        "trust": 1.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000079",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200204-017",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#412203"
      },
      {
        "db": "BID",
        "id": "4482"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000079"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200204-017"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-0073"
      }
    ]
  },
  "id": "VAR-200204-0009",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 1.0
  },
  "last_update_date": "2024-11-22T23:11:39.993000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "MS02-018",
        "trust": 0.8,
        "url": "http://www.microsoft.com/technet/security/bulletin/MS02-018.asp"
      },
      {
        "title": "MS02-018",
        "trust": 0.8,
        "url": "http://www.microsoft.com/japan/technet/security/bulletin/MS02-018.mspx"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000079"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2002-0073"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.7,
        "url": "http://www.kb.cert.org/vuls/id/412203"
      },
      {
        "trust": 3.4,
        "url": "http://www.cert.org/advisories/ca-2002-09.html"
      },
      {
        "trust": 3.4,
        "url": "http://www.securityfocus.com/bid/4482"
      },
      {
        "trust": 2.6,
        "url": "http://www.iss.net/security_center/static/8801.php"
      },
      {
        "trust": 2.6,
        "url": "http://www.osvdb.org/3328"
      },
      {
        "trust": 2.6,
        "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018"
      },
      {
        "trust": 2.6,
        "url": "http://www.digitaloffense.net/msftpd/advisory.txt"
      },
      {
        "trust": 2.6,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a24"
      },
      {
        "trust": 2.6,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a35"
      },
      {
        "trust": 2.6,
        "url": "http://www.cisco.com/warp/public/707/microsoft-iis-vulnerabilities-ms02-018.shtml"
      },
      {
        "trust": 2.6,
        "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0023.html"
      },
      {
        "trust": 2.6,
        "url": "http://marc.info/?l=bugtraq\u0026m=101901273810598\u0026w=2"
      },
      {
        "trust": 0.8,
        "url": "about vulnerability notes"
      },
      {
        "trust": 0.8,
        "url": "contact us about this vulnerability"
      },
      {
        "trust": 0.8,
        "url": "provide a vendor statement"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0073"
      },
      {
        "trust": 0.8,
        "url": "http://www.jpcert.or.jp/wr/2002/wr021401.txt"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnca-2002-09"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0073"
      },
      {
        "trust": 0.3,
        "url": "http://support.coresecurity.com/impact/exploits/97380de248eedb2084c8138ea4a2f3d1.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-018.asp"
      },
      {
        "trust": 0.3,
        "url": "http://support.microsoft.com/default.aspx?scid=kb;en-us;q317636"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#412203"
      },
      {
        "db": "BID",
        "id": "4482"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000079"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200204-017"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-0073"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#412203"
      },
      {
        "db": "BID",
        "id": "4482"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000079"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200204-017"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-0073"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2002-04-10T00:00:00",
        "db": "CERT/CC",
        "id": "VU#412203"
      },
      {
        "date": "2002-04-10T00:00:00",
        "db": "BID",
        "id": "4482"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2002-000079"
      },
      {
        "date": "2002-04-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200204-017"
      },
      {
        "date": "2002-04-22T04:00:00",
        "db": "NVD",
        "id": "CVE-2002-0073"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2002-04-10T00:00:00",
        "db": "CERT/CC",
        "id": "VU#412203"
      },
      {
        "date": "2009-07-11T11:56:00",
        "db": "BID",
        "id": "4482"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2002-000079"
      },
      {
        "date": "2021-08-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200204-017"
      },
      {
        "date": "2024-11-20T23:38:14.537000",
        "db": "NVD",
        "id": "CVE-2002-0073"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200204-017"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Microsoft Internet Information Server (IIS) vulnerable to DoS via malformed FTP connection status request",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#412203"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200204-017"
      }
    ],
    "trust": 0.6
  }
}

gsd-2002-0073

Vulnerability from gsd

Modified

2023-12-13 01:24

Details

Aliases

CVE-2002-0073

Aliases

CVE-2002-0073

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2002-0073",
    "description": "The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters.",
    "id": "GSD-2002-0073"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2002-0073"
      ],
      "details": "The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters.",
      "id": "GSD-2002-0073",
      "modified": "2023-12-13T01:24:07.977656Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2002-0073",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "iis-ftp-session-status-dos(8801)",
            "refsource": "XF",
            "url": "http://www.iss.net/security_center/static/8801.php"
          },
          {
            "name": "20020417 Microsoft FTP Service STAT Globbing DoS",
            "refsource": "BUGTRAQ",
            "url": "http://marc.info/?l=bugtraq\u0026m=101901273810598\u0026w=2"
          },
          {
            "name": "VU#412203",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/412203"
          },
          {
            "name": "20020416 [VulnWatch] Microsoft FTP Service STAT Globbing DoS",
            "refsource": "VULNWATCH",
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0023.html"
          },
          {
            "name": "oval:org.mitre.oval:def:24",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A24"
          },
          {
            "name": "3328",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/3328"
          },
          {
            "name": "MS02-018",
            "refsource": "MS",
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018"
          },
          {
            "name": "oval:org.mitre.oval:def:35",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A35"
          },
          {
            "name": "4482",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/4482"
          },
          {
            "name": "CA-2002-09",
            "refsource": "CERT",
            "url": "http://www.cert.org/advisories/CA-2002-09.html"
          },
          {
            "name": "http://www.digitaloffense.net/msftpd/advisory.txt",
            "refsource": "MISC",
            "url": "http://www.digitaloffense.net/msftpd/advisory.txt"
          },
          {
            "name": "20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018",
            "refsource": "CISCO",
            "url": "http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:internet_information_services:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:internet_information_server:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-0073"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.digitaloffense.net/msftpd/advisory.txt",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.digitaloffense.net/msftpd/advisory.txt"
            },
            {
              "name": "20020416 [VulnWatch] Microsoft FTP Service STAT Globbing DoS",
              "refsource": "VULNWATCH",
              "tags": [],
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0023.html"
            },
            {
              "name": "20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018",
              "refsource": "CISCO",
              "tags": [],
              "url": "http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml"
            },
            {
              "name": "CA-2002-09",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.cert.org/advisories/CA-2002-09.html"
            },
            {
              "name": "VU#412203",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/412203"
            },
            {
              "name": "4482",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/4482"
            },
            {
              "name": "3328",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/3328"
            },
            {
              "name": "iis-ftp-session-status-dos(8801)",
              "refsource": "XF",
              "tags": [],
              "url": "http://www.iss.net/security_center/static/8801.php"
            },
            {
              "name": "20020417 Microsoft FTP Service STAT Globbing DoS",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=101901273810598\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:35",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A35"
            },
            {
              "name": "oval:org.mitre.oval:def:24",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A24"
            },
            {
              "name": "MS02-018",
              "refsource": "MS",
              "tags": [],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2020-11-23T19:49Z",
      "publishedDate": "2002-04-22T04:00Z"
    }
  }
}

ghsa-fhmg-928x-jg98

Vulnerability from github

Published

2022-04-30 18:18

Modified

2022-04-30 18:18

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2002-0073"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2002-04-22T04:00:00Z",
    "severity": "MODERATE"
  },
  "details": "The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters.",
  "id": "GHSA-fhmg-928x-jg98",
  "modified": "2022-04-30T18:18:28Z",
  "published": "2022-04-30T18:18:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0073"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A24"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A35"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0023.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=101901273810598\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://www.cert.org/advisories/CA-2002-09.html"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.digitaloffense.net/msftpd/advisory.txt"
    },
    {
      "type": "WEB",
      "url": "http://www.iss.net/security_center/static/8801.php"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/412203"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/3328"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/4482"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

fkie_cve-2002-0073

Vulnerability from fkie_nvd

Published

2002-04-22 04:00

Modified

2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0023.html
cve@mitre.org	http://marc.info/?l=bugtraq&m=101901273810598&w=2
cve@mitre.org	http://www.cert.org/advisories/CA-2002-09.html	US Government Resource
cve@mitre.org	http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
cve@mitre.org	http://www.digitaloffense.net/msftpd/advisory.txt
cve@mitre.org	http://www.iss.net/security_center/static/8801.php
cve@mitre.org	http://www.kb.cert.org/vuls/id/412203	US Government Resource
cve@mitre.org	http://www.osvdb.org/3328
cve@mitre.org	http://www.securityfocus.com/bid/4482
cve@mitre.org	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A24
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A35
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0023.html
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=101901273810598&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www.cert.org/advisories/CA-2002-09.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
af854a3a-2127-422b-91ae-364da2661108	http://www.digitaloffense.net/msftpd/advisory.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/security_center/static/8801.php
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/412203	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/3328
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/4482
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A24
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A35

Impacted products

	Vendor	Product	Version
	microsoft	internet_information_server	4.0
	microsoft	internet_information_services	5.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:internet_information_server:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D47E9C4-5439-4A82-BBD8-D6B482B47E51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:internet_information_services:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "413C07EA-139F-4B7D-A58B-835BD2591FA0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters."
    },
    {
      "lang": "es",
      "value": "El servicio FTP en Intenet Information Server (IIS) 4.0, 5.0 y 5.1 permite a atacantes que han establecido una sesi\u00f3n FTP causar una denegaci\u00f3n de servicio mediante una petici\u00f3n de estado especialmente formada."
    }
  ],
  "id": "CVE-2002-0073",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-04-22T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0023.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=101901273810598\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2002-09.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.digitaloffense.net/msftpd/advisory.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.iss.net/security_center/static/8801.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/412203"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/3328"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/4482"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A24"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A35"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0023.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=101901273810598\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2002-09.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.digitaloffense.net/msftpd/advisory.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.iss.net/security_center/static/8801.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/412203"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/3328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/4482"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A24"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A35"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2002-0073 (GCVE-0-2002-0073)

Vulnerability from cvelistv5

var-200204-0009

Vulnerability from variot

gsd-2002-0073

Vulnerability from gsd

ghsa-fhmg-928x-jg98

Vulnerability from github

fkie_cve-2002-0073

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature