Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0641Improper Restriction of Operations within the Bounds of a Memory Buffer in Redhat Linux

6 documents6 sources
Severity
4.6MEDIUMNVD
EPSS
0.4%
top 41.33%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
ImmunixRedhat LinuxSuse Linux
Timeline
PublishedSep 20
Latest updateApr 30

Description

Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages3 packages

NVDredhat/linux5.2, 6.2, 7.0+2
NVDsuse/suse_linux7 versions+6
NVDimmunix/immunix6.2, 7.0, 7.0_beta+2

Patches

Patch: www.redhat.comPatch: www.securityfocus.comPatch: www.redhat.com

🔴Vulnerability Details

2
GHSA
GHSA-x5hv-pj66-v68q: Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option2022-04-30
CVEList
CVE-2001-0641: Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option2002-03-09

💥Exploits & PoCs

1
Exploit-DB
Immunix OS 6.2/7.0 / RedHat 5.2/6.2/7.0 / SuSE Linux 6.x/7.0/7.1 - 'Man -S' Heap Overflow2001-05-13

📋Vendor Advisories

1
Red Hat
security flaw2001-05-13

💬Community

1
Bugzilla
CVE-2001-0641 security flaw2018-08-16
CVE-2001-0641 — Redhat Linux vulnerability | cvebase