CyberSec.Space Logo
Back to CVE Browser

CVE-2002-2036

HIGH
7.5
CVSS Severity Score
EPSS Score0.1570%
EPSS Percentile43.34th
PublishedDec 31, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

Sun Ray Server Software (SRSS) 1.3, when Non-Smartcard Mobility (NSCM) is enabled, allows remote attackers to login as another user by running dtlogin from a system that supports the XDMCP client.

Affected Platforms (CPE)

πŸ“¦
Sun

Ray Server Software

= 1.3

References & Advisories

πŸ”— http://sunsolve.sun.com/search/document.do?assetkey=1-26-44069-1
πŸ”— http://www.iss.net/security_center/static/9252.php
πŸ”— http://www.securityfocus.com/bid/4911
πŸ”— http://sunsolve.sun.com/search/document.do?assetkey=1-26-44069-1
πŸ”— http://www.iss.net/security_center/static/9252.php
πŸ”— http://www.securityfocus.com/bid/4911

Related Vulnerabilities

CVE-2009-429410.0

Unspecified vulnerability in the Authentication Manager (aka utauthd) in Sun Ray Server Software 4.0 and 4.1 allows remote attacke...

CVE-2010-088810.0

Unspecified vulnerability in the Sun Ray Server Software component in Oracle Sun Product Suite 4.0, 4.1, and 4.2 allows remote att...

CVE-2007-64827.8

Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in Sun Ray Server Software 2.0, 3.0, 3.1, and 3.1.1 allows remo...

CVE-2009-42957.8

Sun Ray Server Software 4.0 and 4.1 does not generate a unique DSA private key for the firmware on each Sun Ray 1, 1g, 100, and 15...