Vulnerability Details CVE-2002-1247
Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.4%
CVSS Severity
CVSS v2 Score 7.2
References
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0068.html
- http://marc.info/?l=bugtraq&m=103704823501757&w=2
- http://marc.info/?l=bugtraq&m=103712329102632&w=2
- http://marc.info/?l=bugtraq&m=103728981029342&w=2
- http://www.ciac.org/ciac/bulletins/n-020.shtml
- http://www.debian.org/security/2002/dsa-193
- http://www.idefense.com/advisory/11.11.02.txt
- http://www.iss.net/security_center/static/10592.php
- http://www.mandriva.com/security/advisories?name=MDKSA-2002:080
- http://www.redhat.com/support/errata/RHSA-2002-220.html
- http://www.securityfocus.com/bid/6157
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0068.html
- http://marc.info/?l=bugtraq&m=103704823501757&w=2
- http://marc.info/?l=bugtraq&m=103712329102632&w=2
- http://marc.info/?l=bugtraq&m=103728981029342&w=2
- http://www.ciac.org/ciac/bulletins/n-020.shtml
- http://www.debian.org/security/2002/dsa-193
- http://www.idefense.com/advisory/11.11.02.txt
- http://www.iss.net/security_center/static/10592.php
- http://www.mandriva.com/security/advisories?name=MDKSA-2002:080
- http://www.redhat.com/support/errata/RHSA-2002-220.html
- http://www.securityfocus.com/bid/6157
Products affected by CVE-2002-1247
-
cpe:2.3:a:kde:klisa:2.2.2
-
cpe:2.3:a:lisa:lisa:0.1
-
cpe:2.3:a:lisa:lisa:0.1.2
-
cpe:2.3:o:kde:kde:2.0
-
cpe:2.3:o:kde:kde:2.1
-
cpe:2.3:o:kde:kde:2.2
-
cpe:2.3:o:kde:kde:3.0
-
cpe:2.3:o:kde:kde:3.0.1
-
cpe:2.3:o:kde:kde:3.0.2
-
cpe:2.3:o:kde:kde:3.0.3
-
cpe:2.3:o:kde:kde:3.0.3a
-
cpe:2.3:o:kde:kde:3.0.4