CVE-2002-0499

2002-06-1104:00:00

mitre

www.cve.org

AI Score

6.2

Confidence

Low

EPSS

Percentile

0.4%

JSON

The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and earlier, truncates long pathnames without generating an error, which could allow local users to force programs to perform inappropriate operations on the wrong directories.

References

archives.neohapsis.com/archives/vulnwatch/2002-q1/0074.html

www.cs.helsinki.fi/linux/linux-kernel/2002-13/0054.html

www.iss.net/security_center/static/8634.php

www.securityfocus.com/archive/1/264117

www.securityfocus.com/bid/4367