cbcvebase.
CVE-2002-0740
published 2002-08-12

CVE-2002-0740: Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d (SPOOLDIR) argument.

PriorityP425high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
1.47%
70.5th percentile
Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d (SPOOLDIR) argument.

Affected

8 ranges
VendorProductVersion rangeFixed in
debianslrn< slrn 0.9.6.2-9 (bookworm)slrn 0.9.6.2-9 (bookworm)
slrn_development_teamslrn
slrn_development_teamslrn
slrn_development_teamslrn
slrn_development_teamslrn>= 0 < 0.9.6.2-90.9.6.2-9
slrn_development_teamslrn>= 0 < 0.9.6.2-90.9.6.2-9
slrn_development_teamslrn>= 0 < 0.9.6.2-90.9.6.2-9
slrn_development_teamslrn>= 0 < 0.9.6.2-90.9.6.2-9

CVSS provenance

nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.2HIGH
vendor_debian7.2HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.