CVE Vulnerabilities

CVE-2002-1500

Published: Apr 02, 2003 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET().

Affected Software

Name Vendor Start Version End Version
Netbsd Netbsd 1.4 (including) 1.4 (including)
Netbsd Netbsd 1.4.1 (including) 1.4.1 (including)
Netbsd Netbsd 1.4.2 (including) 1.4.2 (including)
Netbsd Netbsd 1.4.3 (including) 1.4.3 (including)
Netbsd Netbsd 1.5 (including) 1.5 (including)
Netbsd Netbsd 1.5.1 (including) 1.5.1 (including)
Netbsd Netbsd 1.5.2 (including) 1.5.2 (including)
Netbsd Netbsd 1.5.3 (including) 1.5.3 (including)

References