CVE-2002-0587

Description

Buffer overflow in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to cause a denial of service or execute arbitrary code via the Error or Notice parameters.

Affected products

• AOL / aol_server3.0 – 3.0
• AOL / aol_server3.1 – 3.1
• AOL / aol_server3.2 – 3.2
• AOL / aol_server3.2.1 – 3.2.1
• AOL / aol_server3.3 – 3.3
• AOL / aol_server3.3.1 – 3.3.1
• AOL / aol_server3.4 – 3.4
• AOL / aol_server3.4.1 – 3.4.1
• AOL / aol_server3.4.2 – 3.4.2

References

• MISChttp://archives.neohapsis.com/archives/bugtraq/2002-04/0195.html
• MISChttp://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/aolserver/aolserver/nspd/log.c.diff?r1=1.4&r2=1.4.6.1
• MISChttp://sourceforge.net/tracker/index.php?func=detail&aid=533141&group_id=3152&atid=303152