Executive Summary

Informations
Name CVE-2002-0178 First vendor Publication 2002-05-29
Vendor Cve Last vendor Modification 2024-11-20

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 7.2 Attack Range Local
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

uudecode, as available in the sharutils package before 4.2.1, does not check whether the filename of the uudecoded file is a pipe or symbolic link, which could allow attackers to overwrite files or execute commands.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0178

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1

Open Source Vulnerability Database (OSVDB)

Id Description
8274 SCO OpenServer uudecode Arbitrary File Overwrite

OpenServer contains a flaw in the in the /usr/bin/uudecode binary which does not verify if it is writing to a file, a symlink, or an open pipe. This flaw may allow a local attacker to overwrite arbitrary files through symbolic links, resulting in a loss of data integrity
5346 sharutils uudecode Link/Pipe Arbitrary Command Execution

Nessus® Vulnerability Scanner

Date Description
2004-07-31 Name : The remote Mandrake Linux host is missing a security update.
File : mandrake_MDKSA-2002-052.nasl - Type : ACT_GATHER_INFO
2004-07-06 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2003-180.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-040.0.txt
http://marc.info/?l=bugtraq&m=103599320902432&w=2
http://online.securityfocus.com/advisories/4132
http://www.aerasec.de/security/index.html?id=ae-200204-033&lang=en
http://www.iss.net/security_center/static/9075.php
http://www.kb.cert.org/vuls/id/336083
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-052.php
http://www.osvdb.org/8274
http://www.redhat.com/support/errata/RHSA-2002-065.html
http://www.redhat.com/support/errata/RHSA-2003-180.html
http://www.securityfocus.com/bid/4742
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
Date Informations
2024-11-28 23:23:57
  • Multiple Updates
2024-11-28 12:04:57
  • Multiple Updates
2021-05-04 12:01:37
  • Multiple Updates
2021-04-22 01:01:45
  • Multiple Updates
2020-05-23 00:14:55
  • Multiple Updates
2016-10-18 12:00:59
  • Multiple Updates
2016-06-28 14:58:24
  • Multiple Updates
2014-02-17 10:24:31
  • Multiple Updates
2013-05-11 12:08:22
  • Multiple Updates