Vulnerabilities > CVE-2002-1158 - Local Buffer Overflow vulnerability in Canna Server
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Buffer overflow in the irw_through function for Canna 3.5b2 and earlier allows local users to execute arbitrary code as the bin user.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-224.NASL description Several vulnerabilities have been discovered in canna, a Japanese input system. The Common Vulnerabilities and Exposures (CVE) project identified the following vulnerabilities : - CAN-2002-1158 (BugTraq Id 6351): last seen 2020-06-01 modified 2020-06-02 plugin id 15061 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15061 title Debian DSA-224-1 : canna - buffer overflow and more NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2002-261.NASL description The Canna server, used for Japanese character input, has two security vulnerabilities including an exploitable buffer overflow that allows a local user to gain last seen 2020-06-01 modified 2020-06-02 plugin id 12336 published 2004-07-06 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/12336 title RHEL 2.1 : Canna (RHSA-2002:261)
Redhat
| advisories |
|
References
- http://canna.sourceforge.jp/sec/Canna-2002-01.txt
- http://marc.info/?l=bugtraq&m=104041812206344&w=2
- http://www.debian.org/security/2003/dsa-224
- http://www.redhat.com/support/errata/RHSA-2002-246.html
- http://www.redhat.com/support/errata/RHSA-2002-261.html
- http://www.redhat.com/support/errata/RHSA-2003-115.html
- http://www.securityfocus.com/bid/6351
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10831