Lucene search

K
cve[email protected]CVE-2002-1247
HistoryNov 29, 2002 - 5:00 a.m.

CVE-2002-1247

2002-11-2905:00:00
web.nvd.nist.gov
22
cve-2002-1247
buffer overflow
lisa
local users
raw socket
logname environment variable
reslisa daemon

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon.

Affected configurations

NVD
Node
kdeklisaMatch2.2.2
OR
lisalisaMatch0.1
OR
lisalisaMatch0.1.2
Node
kdekdeMatch2.0
OR
kdekdeMatch2.1
OR
kdekdeMatch2.2
OR
kdekdeMatch3.0
OR
kdekdeMatch3.0.1
OR
kdekdeMatch3.0.2
OR
kdekdeMatch3.0.3
OR
kdekdeMatch3.0.3a
OR
kdekdeMatch3.0.4

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%