Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1500

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2002-1500
Last Modified 05 Sep 2008 04:30:45
Published 02 Apr 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-1500

Summary

Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET().

Vulnerable Systems

Operating System

  • Netbsd 1.4

  • Netbsd 1.4.1

  • Netbsd 1.4.2

  • Netbsd 1.4.3

  • Netbsd 1.5

  • Netbsd 1.5.1

  • Netbsd 1.5.2

  • Netbsd 1.5.3


References

BID - 5727

XF - netbsd-fdset-bo(10114)

NETBSD - NetBSD-SA2002-014


Last Updated: 27 May 2016 10:37:22