Executive Summary

Informations
Name CVE-2002-1500 First vendor Publication 2003-04-02
Vendor Cve Last vendor Modification 2008-09-05

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 7.2 Attack Range Local
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET().

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1500

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 23

Open Source Vulnerability Database (OSVDB)

Id Description
7569 NetBSD mrinfo FD_SET File Descriptor Overflow

A local overflow exists in NetBSD's mrinfo. mrinfo and other multicast mbone tools fails to correctly perform boundary checking on FD_SET() operations, allowing a user to fill up the file descriptor tables and then exec the binary, resulting in a buffer overflow. An attacker can cause their privileges to be elevated to root, resulting in a loss of confidentiality, integrity, and/or availability.
7568 NetBSD pppd FD_SET File Descriptor Overflow

A local overflow exists in NetBSD's pppd. pppd and the multicast mbone tools fails to correctly perform boundary checking on FD_SET() operations, allowing a user to fill up the file descriptor tables and then exec the binary, resulting in a buffer overflow. An attacker can cause their privileges to be elevated to root, resulting in a loss of confidentiality, integrity, and/or availability.
7567 NetBSD mtrace FD_SET File Descriptor Overflow

A local overflow exists in NetBSD's mtrace. mtrace and other multicast mbone tools fails to correctly perform boundary checking on FD_SET() operations, allowing a user to fill up the file descriptor tables and then exec the binary, resulting in a buffer overflow. An attacker can cause their privileges to be elevated to root, resulting in a loss of confidentiality, integrity, and/or availability.

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/5727
NETBSD ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-014.txt.asc
XF http://www.iss.net/security_center/static/10114.php

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2021-05-04 12:01:49
  • Multiple Updates
2021-04-22 01:01:56
  • Multiple Updates
2020-05-23 00:15:09
  • Multiple Updates
2013-05-11 12:13:29
  • Multiple Updates