Lucene search

[email protected]CVE-2002-0162

HistoryMar 27, 2002 - 5:00 a.m.

CVE-2002-0162

2002-03-2705:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2002-0162

logwatch

symlink attack

local user

code execution

7.4 High

AI Score

Confidence

High

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

LogWatch before 2.5 allows local users to execute arbitrary code via a symlink attack on the logwatch temporary directory.

CPENameOperatorVersion
logwatch:logwatchlogwatchle2.5

CPE	Name	Operator	Version
logwatch:logwatch	logwatch	le	2.5

References

list.kaybee.org/archives/logwatch-announce/2002-March/000002.html

marc.info/?l=bugtraq&m=101724766216872

online.securityfocus.com/archive/82/264233

www.iss.net/security_center/static/8652.php

www.securityfocus.com/bid/4374

7.4 High

AI Score

Confidence

High

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2002-0162

cve1