CVE-2002-0740
published 2002-08-12CVE-2002-0740: Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d (SPOOLDIR) argument.
PriorityP425high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
1.47%
70.5th percentile
Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d (SPOOLDIR) argument.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | slrn | < slrn 0.9.6.2-9 (bookworm) | slrn 0.9.6.2-9 (bookworm) |
| slrn_development_team | slrn | — | — |
| slrn_development_team | slrn | — | — |
| slrn_development_team | slrn | — | — |
| slrn_development_team | slrn | >= 0 < 0.9.6.2-9 | 0.9.6.2-9 |
| slrn_development_team | slrn | >= 0 < 0.9.6.2-9 | 0.9.6.2-9 |
| slrn_development_team | slrn | >= 0 < 0.9.6.2-9 | 0.9.6.2-9 |
| slrn_development_team | slrn | >= 0 < 0.9.6.2-9 | 0.9.6.2-9 |
CVSS provenance
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.2HIGH
vendor_debian7.2HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-f324-877p-jh9x: Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d (SPOOLDIR) argu
ghsa_unreviewed·2022-04-30
CVE-2002-0740 [HIGH] GHSA-f324-877p-jh9x: Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d (SPOOLDIR) argu
Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d (SPOOLDIR) argument.
OSV
CVE-2002-0740: Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d (SPOOLDIR) argu
osv·2002-08-12·CVSS 7.2
CVE-2002-0740 [HIGH] CVE-2002-0740: Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d (SPOOLDIR) argu
Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d (SPOOLDIR) argument.
Debian
CVE-2002-0740: slrn - Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgi...
vendor_debian·2002·CVSS 7.2
CVE-2002-0740 [HIGH] CVE-2002-0740: slrn - Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgi...
Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d (SPOOLDIR) argument.
Scope: local
bookworm: resolved (fixed in 0.9.6.2-9)
bullseye: resolved (fixed in 0.9.6.2-9)
forky: resolved (fixed in 0.9.6.2-9)
sid: resolved (fixed in 0.9.6.2-9)
trixie: resolved (fixed in 0.9.6.2-9)
No detection rules found.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2002-04/0302.htmlhttp://online.securityfocus.com/archive/1/269667http://online.securityfocus.com/archive/1/270235http://www.iss.net/security_center/static/8910.phphttp://www.securityfocus.com/bid/4569http://archives.neohapsis.com/archives/bugtraq/2002-04/0302.htmlhttp://online.securityfocus.com/archive/1/269667http://online.securityfocus.com/archive/1/270235http://www.iss.net/security_center/static/8910.phphttp://www.securityfocus.com/bid/4569
2002-08-12
Published