CVE-2002-0468

Sažetak

Buffer overflows in Ecartis (formerly Listar) 1.0.0 in snapshot 20020427 and earlier allow local users to gain privileges via (1) a long command line argument, which is not properly handled in core.c, or possibly via bad uses of sprintf() in (2) moderate.c, (3) lcgi.c, (4) fileapi.c, (5) cookie.c, (6) codes.c, or other files.

Reference

http://marc.info/?l=listar-support&m=101590272221720&w=2
http://online.securityfocus.com/archive/1/269658
http://online.securityfocus.com/archive/1/269879
http://online.securityfocus.com/archive/82/258763
http://www.ecartis.org/
http://www.iss.net/security_center/static/8445.php
http://www.securityfocus.com/archive/1/261209
http://www.securityfocus.com/bid/4271

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

18-10-2016 - 02:20

Objavljeno

12-08-2002 - 04:00