PT-2002-1646 · Foundstone · Foundstone Fscan

Published

2002-06-18

Updated

2008-09-05

CVE-2002-0598

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Foundstone FScan version 1.12

Description A format string issue allows remote attackers to execute arbitrary code on the scanning system via format string specifiers in the server banner when banner grabbing is enabled.

Recommendations For Foundstone FScan version 1.12, consider disabling the banner grabbing feature as a temporary workaround until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0598

Affected Products

Foundstone Fscan

PT-2002-1646 · Foundstone · Foundstone Fscan

CVE-2002-0598

Related Identifiers

Affected Products

References · 5