CVE-2002-0084
published 2002-03-15CVE-2002-0084: Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.
PriorityP434high7.2CVSS 2.0
AVLACLAuNCCICAC
EPSS
20.72%
97.2th percentile
Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sun | solaris | — | — |
| sun | solaris | — | — |
| sun | sunos | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Cisco
Heap Overflow in Solaris cachefs Daemon
vendor_cisco·2002-07-24
CVE-2002-0033 CWE-119 Heap Overflow in Solaris cachefs Daemon
Heap Overflow in Solaris cachefs Daemon
This advisory describes a vulnerability that affects Cisco products and
applications that are installed on the Solaris operating system, and is based
on the vulnerability of an common service within the Solaris operating system,
not due to a defect of the Cisco product or application. A vulnerability in the
"cachefs" program was discovered that enables an attacker to execute arbitrary
code under Solaris OS. This vulnerability was publicly announced in the CERT
Advisory CA-2002-11. All Cisco products and applications that are installed on
Solaris OS are considered vulnerable to the underlying operating system
vulnerability, unless the workaround was applied. This vulnerability is
described in details in Sun(sm) Alert Notification at
http://sunsolve
Cisco
Heap Overflow in Solaris cachefs Daemon
vendor_cisco
CVE-2002-0084 Heap Overflow in Solaris cachefs Daemon
CVE-2002-0084: Heap Overflow in Solaris cachefs Daemon
This advisory describes a vulnerability that affects Cisco products and applications that are installed on the Solaris operating system, and is based on the vulnerability of an common service within the Solaris operating system, not due to a defect of the Cisco product or application. A vulnerability in the "cachefs" program was discovered that enables an attacker to execute arbitrary code under Solaris OS. This vulnerability was publicly announced in the CERT Advisory CA-2002-11. All Cisco products and applications that are installed on Solaris OS are considered vulnerable to the underlying operating system vulnerability, unless the workaround was applied. This vulnerability is described in
CWE: CWE-119, CWE-119
GHSA
GHSA-q758-hhjv-8jcm: Buffer overflow in the fscache_setup function of cachefsd in Solaris 2
ghsa_unreviewed·2022-04-30
CVE-2002-0084 [HIGH] GHSA-q758-hhjv-8jcm: Buffer overflow in the fscache_setup function of cachefsd in Solaris 2
Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.
Suricata
GPL RPC portmap cachefsd request TCP
suricata·2010-09-23
CVE-2002-0033 GPL RPC portmap cachefsd request TCP
GPL RPC portmap cachefsd request TCP
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 111 (msg:"GPL RPC portmap cachefsd request TCP"; flow:established,to_server; content:"|00 01 86 A0|"; depth:4; offset:16; content:"|00 00 00 03|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; content:"|00 01 87 8B|"; within:4; content:"|00 00 00 00|"; depth:4; offset:8; reference:bugtraq,4674; reference:cve,2002-0033; reference:cve,2002-0084; classtype:rpc-portmap-decode; sid:2101747; rev:13; metadata:created_at 2010_09_23, cve CVE_2002_0033, signature_severity Informational, updated_at 2024_03_08;)
Suricata
GPL RPC portmap cachefsd request UDP
suricata·2010-09-23
CVE-2002-0033 GPL RPC portmap cachefsd request UDP
GPL RPC portmap cachefsd request UDP
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET 111 (msg:"GPL RPC portmap cachefsd request UDP"; content:"|00 01 86 A0|"; depth:4; offset:12; content:"|00 00 00 03|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; content:"|00 01 87 8B|"; within:4; content:"|00 00 00 00|"; depth:4; offset:4; reference:bugtraq,4674; reference:cve,2002-0033; reference:cve,2002-0084; classtype:rpc-portmap-decode; sid:2101746; rev:12; metadata:created_at 2010_09_23, cve CVE_2002_0033, signature_severity Informational, updated_at 2019_07_26;)
No public exploits indexed.
No writeups or analysis indexed.
http://cert.uni-stuttgart.de/archive/bugtraq/2002/04/msg00416.htmlhttp://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F44309http://www.esecurityonline.com/advisories/eSO4198.asphttp://www.kb.cert.org/vuls/id/161931https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A43https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A97http://cert.uni-stuttgart.de/archive/bugtraq/2002/04/msg00416.htmlhttp://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F44309http://www.esecurityonline.com/advisories/eSO4198.asphttp://www.kb.cert.org/vuls/id/161931https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A43https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A97
2002-03-15
Published