Lucene search

[email protected]CVE-2001-0459

HistoryJun 27, 2001 - 4:00 a.m.

CVE-2001-0459

2001-06-2704:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2001-0459

ascdc afterstep

buffer overflow

setuid

local user

root privileges

7.4 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

Buffer overflows in ascdc Afterstep while running setuid allows local users to gain root privileges via a long (1) -d option, (2) -m option, or (3) -f option.

CPENameOperatorVersion
afterstep.org:afterstepafterstep.org afterstepeq*
rob_malda:ascdcrob malda ascdceq0.3

CPE	Name	Operator	Version
afterstep.org:afterstep	afterstep.org afterstep	eq	*
rob_malda:ascdc	rob malda ascdc	eq	0.3

References

marc.info/?l=bugtraq&m=98408897106411&w=2

exchange.xforce.ibmcloud.com/vulnerabilities/6204

7.4 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON