Vulnerabilities > CVE-2001-1553 - Local Security vulnerability in University of California Seti AT Home 3.03

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

university-of-california

NVD

Published: 2001-12-31

Updated: 2008-09-05

Summary

Buffer overflow in setiathome for SETI@home 3.03, if installed setuid, could allow local users to execute arbitrary code via long command line options (1) socks_server, (2) socks_user, and (3) socks_passwd. NOTE: since the default configuration of setiathome is not setuid, perhaps this issue should not be included in CVE.

Vulnerable Configurations

Part	Description	Count
Application	University_Of_California University OF California Seti AT Home 3.03	1

References

http://archives.neohapsis.com/archives/vuln-dev/2001-q4/0662.html