CVE Vulnerabilities

CVE-2002-0469

Published: Aug 12, 2002 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does not properly drop privileges when Ecartis is installed setuid-root, lock-to-user is not set, and ecartis is called by certain MTA’s, which could allow local users to gain privileges.

Affected Software

Name Vendor Start Version End Version
Ecartis Ecartis 1.0.0_snapshot_2002-01-21 1.0.0_snapshot_2002-01-21
Ecartis Ecartis 1.0.0_snapshot_2002-01-25 1.0.0_snapshot_2002-01-25
Listar Listar 0.126a 0.126a
Listar Listar 0.127a 0.127a
Listar Listar 0.129a 0.129a

References