Lucene search

[email protected]CVE-2005-1019

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-1019

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

buffer overflow

getconfig function

aeon 0.2a

local users

privileges

home environment variable

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

Buffer overflow in the getConfig function in Aeon 0.2a and earlier allows local users to gain privileges via a long HOME environment variable.

Affected configurations

NVD

Node

aeonaeonMatch0.1.8

aeonaeonMatch0.1.9

aeonaeonMatch0.2

aeonaeonMatch0.2a

CPENameOperatorVersion
aeon:aeonaeoneq0.1.8
aeon:aeonaeoneq0.1.9
aeon:aeonaeoneq0.2
aeon:aeonaeoneq0.2a

CPE	Name	Operator	Version
aeon:aeon	aeon	eq	0.1.8
aeon:aeon	aeon	eq	0.1.9
aeon:aeon	aeon	eq	0.2
aeon:aeon	aeon	eq	0.2a

References

marc.info/?l=bugtraq&m=111262942708249&w=2

security-tmp.h14.ru/exploits/23laeon.c.txt

exchange.xforce.ibmcloud.com/vulnerabilities/19951

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2005-1019

cvelist1 nvd1