Lucene search
MitreCVE-2003-1167HistoryMay 10, 2005 - 4:00 a.m.
CVE-2003-1167
2005-05-1004:00:00
mitre
web.nvd.nist.gov
27
cve-2003-1167
kpopup 0.9.1
privilege escalation
path variable
nvd
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.2
Confidence
High
EPSS
0
Percentile
0.4%
misc.cpp in KPopup 0.9.1 trusts the PATH variable when executing killall, which allows local users to elevate their privileges by modifying the PATH variable to reference a malicious killall program.
Affected configurations
Node
gernot_stockerkpopupMatch0.9.1
ORgernot_stockerkpopupMatch0.9.5_pre2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| gernot_stocker | kpopup | 0.9.1 | cpe:2.3:a:gernot_stocker:kpopup:0.9.1:*:*:*:*:*:*:* |
| gernot_stocker | kpopup | 0.9.5_pre2 | cpe:2.3:a:gernot_stocker:kpopup:0.9.5_pre2:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2003-1167
2005-05-10 04:00:00
nvd
nvd
CVE-2003-1167
2003-12-31 05:00:00
exploitdb
exploitdb
kpopup 0.9.x - Privileged Command Execution
2003-10-28 00:00:00
freebsd
freebsd
kpopup -- local root exploit and local denial of service
2003-10-28 00:00:00
nessus
nessus
openvas
openvas
FreeBSD Ports: kpopup
2008-09-04 00:00:00
FreeBSD Ports: kpopup
2008-09-04 00:00:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.2
Confidence
High
EPSS
0
Percentile
0.4%
Related for CVE-2003-1167