NVD脆弱性詳細

CVE-2002-1506

概要	Buffer overflow in Linuxconf before 1.28r4 allows local users to execute arbitrary code via a long LINUXCONF_LANG environment variable, which overflows an error string that is generated.
公表日	2003年4月2日14:00
登録日	2021年1月29日18:04
最終更新日	2008年9月6日5:30

CVSS2.0 : HIGH
スコア	7.2
ベクター	AV:L/AC:L/Au:N/C:C/I:C/A:C
攻撃元区分(AV)	ローカル
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	高
完全性への影響(I)	高
可用性への影響(A)	高
全ての特権を取得	はい
ユーザー権限を取得	いいえ
その他の権限を取得	いいえ
ユーザー操作が必要	いいえ

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:a:jacques_gelinas:linuxconf:1.1.6r10:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.1.7:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.1.8:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.1.9r1:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.1.9r2:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r1:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r2:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r3:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r4:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r5:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r6:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r7:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r8:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.2:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.3:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.3r1:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.3r2:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.4:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.4r2:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.4r4:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.4r5:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2r1:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2r2:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.27:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.27r3:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.27r4:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.27r5:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.28:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.28r1:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.28r2:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.28r3:::::::*

構成1	以上	以下	より上	未満
cpe:2.3:a:jacques_gelinas:linuxconf:1.1.6r10:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.1.7:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.1.8:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.1.9r1:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.1.9r2:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r1:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r2:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r3:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r4:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r5:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r6:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r7:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.1r8:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.2:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.3:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.3r1:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.3r2:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.4:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.4r2:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.4r4:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.4r5:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2r1:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.2r2:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.27:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.27r3:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.27r4:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.27r5:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.28:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.28r1:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.28r2:::::::*
cpe:2.3:a:jacques_gelinas:linuxconf:1.28r3:::::::*

No	URL	refsource	タグ
1	http://archives.neohapsis.com/archives/bugtraq/2002-08/0304.html	BUGTRAQ	Exploit Patch Vendor Advisory
2	http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0093.html	VULNWATCH
3	http://www.iss.net/security_center/static/9980.php	XF	Patch Vendor Advisory
4	http://www.securityfocus.com/bid/5585	BID	Exploit Patch Vendor Advisory
5	http://www.solucorp.qc.ca/changes.hc?projet=linuxconf&version=1.28r4	MISC