CyberSec.Space Logo
CVEブラウザに戻る

CVE-2002-0469

HIGH
7.2
CVSS Severity Score
EPSS Score0.1840%
EPSS Percentile26.93th
Published2002年8月12日
Last Modified2026年4月16日

Vulnerability Description

Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does not properly drop privileges when Ecartis is installed setuid-root, "lock-to-user" is not set, and ecartis is called by certain MTA's, which could allow local users to gain privileges.

Affected Platforms (CPE)

📦
Ecartis

Ecartis

= 1.0.0_snapshot_2002-01-21
📦
Ecartis

Ecartis

= 1.0.0_snapshot_2002-01-25
📦
Listar

Listar

= 0.126a
📦
Listar

Listar

= 0.127a
📦
Listar

Listar

= 0.129a

References & Advisories

🔗 http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0063.html
🔗 http://www.iss.net/security_center/static/8444.php
🔗 http://www.securityfocus.com/archive/1/261209
🔗 http://www.securityfocus.com/bid/4277
🔗 http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0063.html
🔗 http://www.iss.net/security_center/static/8444.php
🔗 http://www.securityfocus.com/archive/1/261209
🔗 http://www.securityfocus.com/bid/4277

関連する脆弱性情報

CVE-2003-078110.0

Unknown vulnerability in ecartis before 1.0.0 does not properly validate user input, which allows attackers to obtain mailing list...

CVE-2002-046710.0

Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allows remote attackers to execute arbitrary code via...

CVE-2003-078210.0

Multiple buffer overflows in ecartis before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code...

CVE-2003-01627.5

Ecartis 1.0.0 (formerly listar) before snapshot 20030227 allows remote attackers to reset passwords of other users and gain privil...