CVE-2002-0314 - OpenCVE

fasttrack p2p, as used in (1) KaZaA before 1.5, (2) grokster, and (3) morpheus allows remote attackers to cause a denial of service (memory exhaustion) via a series of client-to-client messages, which pops up new windows per message.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Grokster	Grokster
Music City Networks	Morpheus
Fasttrack	Kazaa

Configuration 1 [-]

OR	cpe:2.3:a:fasttrack:kazaa:1.2:::::::*
	cpe:2.3:a:fasttrack:kazaa:1.3:::::::*
	cpe:2.3:a:fasttrack:kazaa:1.3.3:::::::*
	cpe:2.3:a:fasttrack:kazaa:1.4:::::::*
	cpe:2.3:a:grokster:grokster:1.3:::::::*
	cpe:2.3:a:grokster:grokster:1.3.3:::::::*
	cpe:2.3:a:music_city_networks:morpheus:1.3:::::::*
	cpe:2.3:a:music_city_networks:morpheus:1.3.3:::::::*

References

Link	Resource
http://marc.info/?l=bugtraq&m=101441689224760&w=2
http://www.iss.net/security_center/static/8273.php	Patch Vendor Advisory
http://www.securityfocus.com/bid/4122	Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2002-05-03T04:00:00

Updated: 2016-10-17T13:57:01

Reserved: 2002-05-01T00:00:00

Link: CVE-2002-0314

JSON object: View

NVD Information

Status : Modified

Published: 2002-06-25T04:00:00.000

Modified: 2016-10-18T02:18:57.230

Link: CVE-2002-0314

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-02-22T00:00:00", "descriptions": [{"lang": "en", "value": "fasttrack p2p, as used in (1) KaZaA before 1.5, (2) grokster, and (3) morpheus allows remote attackers to cause a denial of service (memory exhaustion) via a series of client-to-client messages, which pops up new windows per message."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20020222 Morpheus, Kazaa and Grokster Remote DoS. Also Identity faking vulnerability.", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=101441689224760&w=2"}, {"name": "fasttrack-message-service-dos(8273)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/8273.php"}, {"name": "4122", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/4122"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0314", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "fasttrack p2p, as used in (1) KaZaA before 1.5, (2) grokster, and (3) morpheus allows remote attackers to cause a denial of service (memory exhaustion) via a series of client-to-client messages, which pops up new windows per message."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20020222 Morpheus, Kazaa and Grokster Remote DoS. Also Identity faking vulnerability.", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=101441689224760&w=2"}, {"name": "fasttrack-message-service-dos(8273)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/8273.php"}, {"name": "4122", "refsource": "BID", "url": "http://www.securityfocus.com/bid/4122"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0314", "datePublished": "2002-05-03T04:00:00", "dateReserved": "2002-05-01T00:00:00", "dateUpdated": "2016-10-17T13:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fasttrack:kazaa:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "B1822B5C-7CF1-471A-BCEB-45C0B7D4557F", "vulnerable": true}, {"criteria": "cpe:2.3:a:fasttrack:kazaa:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "952CFB2E-0EDC-42F7-AE61-FE24B788560E", "vulnerable": true}, {"criteria": "cpe:2.3:a:fasttrack:kazaa:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "C1BF80EB-9419-4DFE-981C-16A13BA2514D", "vulnerable": true}, {"criteria": "cpe:2.3:a:fasttrack:kazaa:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "2167462C-1EE2-4135-A3C7-B406B2B4B1BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:grokster:grokster:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "1A111C90-0690-4959-A5A1-90DD92A29B47", "vulnerable": true}, {"criteria": "cpe:2.3:a:grokster:grokster:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "6C612287-28B4-4076-9996-1612664A1197", "vulnerable": true}, {"criteria": "cpe:2.3:a:music_city_networks:morpheus:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "428A1F71-03EA-44CC-AE40-6FD6BA9BB842", "vulnerable": true}, {"criteria": "cpe:2.3:a:music_city_networks:morpheus:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "D3C458BE-897A-4C88-BAB6-86755B896B89", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "fasttrack p2p, as used in (1) KaZaA before 1.5, (2) grokster, and (3) morpheus allows remote attackers to cause a denial of service (memory exhaustion) via a series of client-to-client messages, which pops up new windows per message."}], "id": "CVE-2002-0314", "lastModified": "2016-10-18T02:18:57.230", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2002-06-25T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=101441689224760&w=2"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.iss.net/security_center/static/8273.php"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/4122"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}