Vulnerabilities > CVE-2002-1506 - Local Environment Variable Buffer Overflow vulnerability in Linuxconf
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Buffer overflow in Linuxconf before 1.28r4 allows local users to execute arbitrary code via a long LINUXCONF_LANG environment variable, which overflows an error string that is generated.
Vulnerable Configurations
Exploit-Db
description Linuxconf 1.1.x/1.2.x Local Environment Variable Buffer Overflow Vulnerability (2). CVE-2002-1506. Local exploit for linux platform id EDB-ID:21762 last seen 2016-02-02 modified 2002-08-28 published 2002-08-28 reporter David Endler source https://www.exploit-db.com/download/21762/ title Linuxconf 1.1.x / 1.2.x - Local Environment Variable Buffer Overflow Vulnerability 2 description Linuxconf 1.1.x/1.2.x Local Environment Variable Buffer Overflow Vulnerability (1). CVE-2002-1506. Local exploit for linux platform id EDB-ID:21761 last seen 2016-02-02 modified 2002-08-28 published 2002-08-28 reporter RaiSe source https://www.exploit-db.com/download/21761/ title Linuxconf 1.1.x / 1.2.x - Local Environment Variable Buffer Overflow Vulnerability 1 description Linuxconf 1.1.x/1.2.x Local Environment Variable Buffer Overflow Vulnerability (3). CVE-2002-1506. Local exploit for linux platform id EDB-ID:21763 last seen 2016-02-02 modified 2002-08-28 published 2002-08-28 reporter syscalls source https://www.exploit-db.com/download/21763/ title Linuxconf 1.1.x / 1.2.x - Local Environment Variable Buffer Overflow Vulnerability 3