Vulnerabilities > CVE-2002-0851 - Unspecified vulnerability in Isdn4Linux 3.1Pre1

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

isdn4linux

exploit available

NVD

Published: 2002-09-05

Updated: 2008-09-05

Summary

Format string vulnerability in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the ISDN4Linux (i4l) package allows local users to gain root privileges via format strings in the device name command line argument, which is not properly handled in a call to syslog.

Vulnerable Configurations

Part	Description	Count
Application	Isdn4Linux Isdn4Linux Isdn4Linux 3.1_Pre1	1

Exploit-Db

description	ISDN4Linux 3.1 IPPPD Device String SysLog Format String Vulnerability (2). CVE-2002-0851. Local exploit for linux platform
id	EDB-ID:21701
last seen	2016-02-02
modified	2002-08-10
published	2002-08-10
reporter	TESO Security
source	https://www.exploit-db.com/download/21701/
title	ISDN4Linux 3.1 IPPPD Device String SysLog Format String Vulnerability 2

description	ISDN4Linux 3.1 IPPPD Device String SysLog Format String Vulnerability (1). CVE-2002-0851. Local exploit for linux platform
id	EDB-ID:21700
last seen	2016-02-02
modified	2002-08-10
published	2002-08-10
reporter	Gobbles Security
source	https://www.exploit-db.com/download/21700/
title	ISDN4Linux 3.1 IPPPD Device String SysLog Format String Vulnerability 1

Summary

Vulnerable Configurations

Exploit-Db

References