Vulnerability Details CVE-2002-1506
Buffer overflow in Linuxconf before 1.28r4 allows local users to execute arbitrary code via a long LINUXCONF_LANG environment variable, which overflows an error string that is generated.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.6%
CVSS Severity
CVSS v2 Score 7.2
References
- http://archives.neohapsis.com/archives/bugtraq/2002-08/0304.html
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0093.html
- http://www.iss.net/security_center/static/9980.php
- http://www.securityfocus.com/bid/5585
- http://www.solucorp.qc.ca/changes.hc?projet=linuxconf&version=1.28r4
- http://archives.neohapsis.com/archives/bugtraq/2002-08/0304.html
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0093.html
- http://www.iss.net/security_center/static/9980.php
- http://www.securityfocus.com/bid/5585
- http://www.solucorp.qc.ca/changes.hc?projet=linuxconf&version=1.28r4
Products affected by CVE-2002-1506
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.1.6r10
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.1.7
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.1.8
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.1.9r1
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.1.9r2
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r1
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r2
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r3
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r4
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r5
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r6
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r7
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r8
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.2
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.3
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.3r1
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.3r2
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.4
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.4r2
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.4r4
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.4r5
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.27
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.27r3
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.27r4
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.27r5
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.28
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.28r1
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.28r2
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.28r3
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2r1
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2r2