Lucene search

[email protected]CVE-2002-2023

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2002-2023

2022-10-0316:23:49

[email protected]

web.nvd.nist.gov

cve-2002-2023

beep2

information security

vulnerability

nvd

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The get_parameter_from_freqency_source function in beep2 1.0, 1.1 and 1.2, when installed setuid root, allows local users to read arbitrary files via unknown attack vectors.

Affected configurations

NVD

Node

yamaguchishingo_beep2Match1.0

yamaguchishingo_beep2Match1.0a

yamaguchishingo_beep2Match1.1

yamaguchishingo_beep2Match1.2

CPENameOperatorVersion
yamaguchi:shingo_beep2yamaguchi shingo beep2eq1.0
yamaguchi:shingo_beep2yamaguchi shingo beep2eq1.0a
yamaguchi:shingo_beep2yamaguchi shingo beep2eq1.1
yamaguchi:shingo_beep2yamaguchi shingo beep2eq1.2

CPE	Name	Operator	Version
yamaguchi:shingo_beep2	yamaguchi shingo beep2	eq	1.0
yamaguchi:shingo_beep2	yamaguchi shingo beep2	eq	1.0a
yamaguchi:shingo_beep2	yamaguchi shingo beep2	eq	1.1
yamaguchi:shingo_beep2	yamaguchi shingo beep2	eq	1.2

References

www.kip.iis.toyama-u.ac.jp/~shingo/beep/package/src/beep2-1.2a.tar.gz

www.securityfocus.com/bid/3859

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2002-2023

cvelist1 nvd1