Lucene search

K
cve[email protected]CVE-2002-1247
HistoryNov 29, 2002 - 5:00 a.m.

CVE-2002-1247

2002-11-2905:00:00
web.nvd.nist.gov
22
cve-2002-1247
buffer overflow
lisa
local users
raw socket
logname environment variable
reslisa daemon

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

Low

EPSS

0

Percentile

5.1%

Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon.

Affected configurations

NVD
Node
kdeklisaMatch2.2.2
OR
lisalisaMatch0.1
OR
lisalisaMatch0.1.2
Node
kdekdeMatch2.0
OR
kdekdeMatch2.1
OR
kdekdeMatch2.2
OR
kdekdeMatch3.0
OR
kdekdeMatch3.0.1
OR
kdekdeMatch3.0.2
OR
kdekdeMatch3.0.3
OR
kdekdeMatch3.0.3a
OR
kdekdeMatch3.0.4
VendorProductVersionCPE
lisalisa0.1cpe:/a:lisa:lisa:0.1:::
kdeklisa2.2.2cpe:/a:kde:klisa:2.2.2:::
lisalisa0.1.2cpe:/a:lisa:lisa:0.1.2:::

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

Low

EPSS

0

Percentile

5.1%