Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0468

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2002-0468
Last Modified 05 Sep 2008 04:28:06
Published 12 Aug 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-0468

Summary

Buffer overflows in Ecartis (formerly Listar) 1.0.0 in snapshot 20020427 and earlier allow local users to gain privileges via (1) a long command line argument, which is not properly handled in core.c, or possibly via bad uses of sprintf() in (2) moderate.c, (3) lcgi.c, (4) fileapi.c, (5) cookie.c, (6) codes.c, or other files.

Vulnerable Systems

Application

  • Ecartis 1.0.0 Snapshot 2002-01-21

  • Ecartis 1.0.0 Snapshot 2002-01-25

  • Listar 0.126a

  • Listar 0.127a

  • Listar 0.129a


References

BID - 4271

BUGTRAQ - 20020310 Ecartis/Listar multiple vulnerabilities

XF - ecartis-local-bo(8445)

CONFIRM - http://www.ecartis.org/

VULN-DEV - 20020227 listar / ecaris remote or local?

BUGTRAQ - 20020427 Response to KF about Listar/Ecartis Vulnerability

BUGTRAQ - 20020425 ecartis / listar PoC

MISC - http://marc.theaimsgroup.com/?l=listar-support&m=101590272221720&w=2


Last Updated: 27 May 2016 10:36:55