Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2002-1500 | First vendor Publication | 2003-04-02 |
Vendor | Cve | Last vendor Modification | 2008-09-05 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET(). |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1500 |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
7569 | NetBSD mrinfo FD_SET File Descriptor Overflow A local overflow exists in NetBSD's mrinfo. mrinfo and other multicast mbone tools fails to correctly perform boundary checking on FD_SET() operations, allowing a user to fill up the file descriptor tables and then exec the binary, resulting in a buffer overflow. An attacker can cause their privileges to be elevated to root, resulting in a loss of confidentiality, integrity, and/or availability. |
7568 | NetBSD pppd FD_SET File Descriptor Overflow A local overflow exists in NetBSD's pppd. pppd and the multicast mbone tools fails to correctly perform boundary checking on FD_SET() operations, allowing a user to fill up the file descriptor tables and then exec the binary, resulting in a buffer overflow. An attacker can cause their privileges to be elevated to root, resulting in a loss of confidentiality, integrity, and/or availability. |
7567 | NetBSD mtrace FD_SET File Descriptor Overflow A local overflow exists in NetBSD's mtrace. mtrace and other multicast mbone tools fails to correctly perform boundary checking on FD_SET() operations, allowing a user to fill up the file descriptor tables and then exec the binary, resulting in a buffer overflow. An attacker can cause their privileges to be elevated to root, resulting in a loss of confidentiality, integrity, and/or availability. |
Sources (Detail)
Source | Url |
---|---|
BID | http://www.securityfocus.com/bid/5727 |
NETBSD | ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-014.txt.asc |
XF | http://www.iss.net/security_center/static/10114.php |
Alert History
Date | Informations |
---|---|
2021-05-04 12:01:49 |
|
2021-04-22 01:01:56 |
|
2020-05-23 00:15:09 |
|
2013-05-11 12:13:29 |
|