PT-2002-2695 · Sharp · Zaurus

Published

2002-12-31

Updated

2008-09-05

CVE-2002-1974

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Zaurus PDAs versions SL-5000D and SL-5500

Description The issue concerns the FTP service, which does not require authentication. This allows remote attackers to access the file system with root privileges.

Recommendations For Zaurus PDAs versions SL-5000D and SL-5500, consider disabling the FTP service until a patch is available to prevent unauthorized access to the file system.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-1974

Affected Products

Zaurus

PT-2002-2695 · Sharp · Zaurus

CVE-2002-1974

Related Identifiers

Affected Products

References · 6