CVE-2002-0468
published 2002-08-12CVE-2002-0468: Buffer overflows in Ecartis (formerly Listar) 1.0.0 in snapshot 20020427 and earlier allow local users to gain privileges via (1) a long command line argument…
PriorityP416medium4.6CVSS 2.0
AVLACLAuNCPIPAP
EXPLOIT
EPSS
0.80%
51.8th percentile
Buffer overflows in Ecartis (formerly Listar) 1.0.0 in snapshot 20020427 and earlier allow local users to gain privileges via (1) a long command line argument, which is not properly handled in core.c, or possibly via bad uses of sprintf() in (2) moderate.c, (3) lcgi.c, (4) fileapi.c, (5) cookie.c, (6) codes.c, or other files.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ecartis | ecartis | — | — |
| ecartis | ecartis | — | — |
| listar | listar | — | — |
| listar | listar | — | — |
| listar | listar | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Ecartis 1.0.0/0.129 a Listar - Multiple Local Buffer Overflow Vulnerabilities (1)
exploitdb·2002-02-27
CVE-2002-0468 Ecartis 1.0.0/0.129 a Listar - Multiple Local Buffer Overflow Vulnerabilities (1)
Ecartis 1.0.0/0.129 a Listar - Multiple Local Buffer Overflow Vulnerabilities (1)
---
// source: https://www.securityfocus.com/bid/4271/info
Ecartis is the new name for the Listar software product. Listar is a mailing list management package for Linux, BSD, and other Unix like operating systems.
Multiple local buffer overflow conditions have been reported in some versions of Ecartis. If successfully exploited, this may result in the execution of arbitrary code. Listar normally runs as the non-privileged user 'listar'. Exploitation of this vulnerability may allow the malicious party to launch further attacks against the system as the user 'listar'.
/*
* /home/listar-0.129a/listar
*
* The vulnerability was found by KF / Snosoft (http://www.snosoft.com)
* Exploit coded up by The Itch / P
Exploit-DB
Ecartis 1.0.0/0.129 a Listar - Multiple Local Buffer Overflow Vulnerabilities (2)
exploitdb·2002-02-27
CVE-2002-0468 Ecartis 1.0.0/0.129 a Listar - Multiple Local Buffer Overflow Vulnerabilities (2)
Ecartis 1.0.0/0.129 a Listar - Multiple Local Buffer Overflow Vulnerabilities (2)
---
// source: https://www.securityfocus.com/bid/4271/info
Ecartis is the new name for the Listar software product. Listar is a mailing list management package for Linux, BSD, and other Unix like operating systems.
Multiple local buffer overflow conditions have been reported in some versions of Ecartis. If successfully exploited, this may result in the execution of arbitrary code. Listar normally runs as the non-privileged user 'listar'. Exploitation of this vulnerability may allow the malicious party to launch further attacks against the system as the user 'listar'.
/*
* /home/ecartis/ecartis
*
* The vulnerability was found by KF / Snosoft (http://www.snosoft.com)
* Exploit coded up by The Itch / Promis
No writeups or analysis indexed.
http://marc.info/?l=listar-support&m=101590272221720&w=2http://online.securityfocus.com/archive/1/269658http://online.securityfocus.com/archive/1/269879http://online.securityfocus.com/archive/82/258763http://www.ecartis.org/http://www.iss.net/security_center/static/8445.phphttp://www.securityfocus.com/archive/1/261209http://www.securityfocus.com/bid/4271http://marc.info/?l=listar-support&m=101590272221720&w=2http://online.securityfocus.com/archive/1/269658http://online.securityfocus.com/archive/1/269879http://online.securityfocus.com/archive/82/258763http://www.ecartis.org/http://www.iss.net/security_center/static/8445.phphttp://www.securityfocus.com/archive/1/261209http://www.securityfocus.com/bid/4271
2002-08-12
Published