Vulnerabilities > CVE-2002-0469

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

ecartis

listar

NVD

Published: 2002-08-12

Updated: 2008-09-05

Summary

Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does not properly drop privileges when Ecartis is installed setuid-root, "lock-to-user" is not set, and ecartis is called by certain MTA's, which could allow local users to gain privileges.

Vulnerable Configurations

Part	Description	Count
Application	Ecartis Ecartis Ecartis 1.0.0_Snapshot_2002-01-21 Ecartis Ecartis 1.0.0_Snapshot_2002-01-25	2
Application	Listar Listar Listar 0.126A Listar Listar 0.127A Listar Listar 0.129A	3

References

http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0063.html
http://www.iss.net/security_center/static/8444.php
http://www.securityfocus.com/archive/1/261209
http://www.securityfocus.com/bid/4277

Vulnerabilities > CVE-2002-0469 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2002-0469"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2002-0469