CVE-2002-2023

2022-10-0316:23:49

mitre

www.cve.org

get_parameter_from_freqency_source

beep2

setuid root

local users

arbitrary files

6.3 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The get_parameter_from_freqency_source function in beep2 1.0, 1.1 and 1.2, when installed setuid root, allows local users to read arbitrary files via unknown attack vectors.

References

www.kip.iis.toyama-u.ac.jp/~shingo/beep/package/src/beep2-1.2a.tar.gz

www.securityfocus.com/bid/3859