CyberSec.Space Logo
Back to CVE Browser

CVE-2002-0469

HIGH
7.2
CVSS Severity Score
EPSS Score0.1840%
EPSS Percentile26.93th
PublishedAug 12, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does not properly drop privileges when Ecartis is installed setuid-root, "lock-to-user" is not set, and ecartis is called by certain MTA's, which could allow local users to gain privileges.

Affected Platforms (CPE)

πŸ“¦
Ecartis

Ecartis

= 1.0.0_snapshot_2002-01-21
πŸ“¦
Ecartis

Ecartis

= 1.0.0_snapshot_2002-01-25
πŸ“¦
Listar

Listar

= 0.126a
πŸ“¦
Listar

Listar

= 0.127a
πŸ“¦
Listar

Listar

= 0.129a

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0063.html
πŸ”— http://www.iss.net/security_center/static/8444.php
πŸ”— http://www.securityfocus.com/archive/1/261209
πŸ”— http://www.securityfocus.com/bid/4277
πŸ”— http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0063.html
πŸ”— http://www.iss.net/security_center/static/8444.php
πŸ”— http://www.securityfocus.com/archive/1/261209
πŸ”— http://www.securityfocus.com/bid/4277

Related Vulnerabilities

CVE-2003-078110.0

Unknown vulnerability in ecartis before 1.0.0 does not properly validate user input, which allows attackers to obtain mailing list...

CVE-2002-046710.0

Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allows remote attackers to execute arbitrary code via...

CVE-2003-078210.0

Multiple buffer overflows in ecartis before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code...

CVE-2003-01627.5

Ecartis 1.0.0 (formerly listar) before snapshot 20030227 allows remote attackers to reset passwords of other users and gain privil...