Lucene search

[email protected]CVE-2002-0762

HistoryAug 12, 2002 - 4:00 a.m.

CVE-2002-0762

2002-08-1204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

suse

shadow package

local users

/etc/passwd

/etc/shadow

filesize limits

group privileges

nvd

cve-2002-0762

6.5 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

shadow package in SuSE 8.0 allows local users to destroy the /etc/passwd and /etc/shadow files or assign extra group privileges to some users by changing filesize limits before calling programs that modify the files.

CPENameOperatorVersion
suse:suse_linuxsuse suse linuxeq8.0

CPE	Name	Operator	Version
suse:suse_linux	suse suse linux	eq	8.0

References

www.iss.net/security_center/static/9102.php

www.novell.com/linux/security/advisories/2002_17_shadow.html

www.securityfocus.com/bid/4757

6.5 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2002-0762

suse1