Vulnerabilities > CVE-2002-0740 - Buffer Overflow vulnerability in SLRNPull Spool Directory Command Line Parameter

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

slrn-development-team

exploit available

NVD

Published: 2002-08-12

Updated: 2008-09-05

Summary

Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d (SPOOLDIR) argument.

Vulnerable Configurations

Part	Description	Count
Application	Slrn_Development_Team Slrn Development Team Slrn 0.9.6.2 Slrn Development Team Slrn 0.9.6.3 Slrn Development Team Slrn 0.9.6.4	3

Exploit-Db

description	SLRNPull 0.9.6 Spool Directory Command Line Parameter Buffer Overflow Vulnerability. CVE-2002-0740. Local exploit for unix platform
id	EDB-ID:21408
last seen	2016-02-02
modified	2002-04-22
published	2002-04-22
reporter	zillion
source	https://www.exploit-db.com/download/21408/
title	SLRNPull 0.9.6 Spool Directory Command Line Parameter Buffer Overflow Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References