Home > Vulnerability Database > CVE-2002-1755

Mend.io Vulnerability Database

CVE-2002-1755

Date: June 20, 2005

tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on CBC.

Severity Score

7.5

Related Resources (4)

Url: https://nvd.nist.gov/vuln/detail/CVE-2002-1755

Url: http://www.securityfocus.com/archive/1/249142

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/7868

Url: https://www.mend.io/vulnerability-database/CVE-2002-1755

Severity Score

7.5

CVSS v3

Base Score:	7.5
Attack Vector (AV):
Attack Complexity (AC):
Privileges Required (PR):
User Interaction (UI):
Scope (S):
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL

CVSS v2

Base Score:	4.0
Access Vector (AV):
Access Complexity (AC):
Authentication (AU):
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2002-1755

Date: June 20, 2005

Severity Score

Related Resources (4)

Severity Score

CVSS v3

CVSS v2

Do you need more information?