CVE-2002-0761
published 2002-08-12CVE-2002-0761: bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly systems, uses the permissions of symbolic links instead of the actual…
PriorityP46low2.1CVSS 2.0
AVLACLAuNCPINAN
EPSS
0.39%
30.5th percentile
bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly systems, uses the permissions of symbolic links instead of the actual files when creating an archive, which could cause the files to be extracted with less restrictive permissions than intended.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bzip | bzip2 | — | — |
| bzip | bzip2 | — | — |
| bzip | bzip2 | — | — |
| bzip | bzip2 | — | — |
| bzip | bzip2 | — | — |
| bzip | bzip2 | — | — |
| bzip | bzip2 | — | — |
| bzip | bzip2 | — | — |
| bzip | bzip2 | — | — |
| bzip | bzip2 | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
GPL FTP USER overflow attempt
suricata·2010-09-23
CVE-1999-1510 GPL FTP USER overflow attempt
GPL FTP USER overflow attempt
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL FTP USER overflow attempt"; flow:established,to_server,no_stream; content:"USER|20|"; nocase; isdataat:100,relative; pcre:"/^USER\x20[^\x00\x20\x0a\x0d]{100}/smi"; reference:bugtraq,10078; reference:bugtraq,1227; reference:bugtraq,1504; reference:bugtraq,1690; reference:bugtraq,4638; reference:bugtraq,7307; reference:bugtraq,8376; reference:cve,1999-1510; reference:cve,1999-1514; reference:cve,1999-1519; reference:cve,1999-1539; reference:cve,2000-0479; reference:cve,2000-0656; reference:cve,2000-0761; reference:cve,2000-0943; reference:cve,2000-1035; reference:cve,2000-1194; reference:cve,2001-0256; reference:cve,2001-0794; reference:cve,2001-0826; reference:cve,2002-0126; reference:cve,2002-1522;
No public exploits indexed.
No writeups or analysis indexed.
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-039.0.txtftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:25.bzip2.aschttp://www.iss.net/security_center/static/9128.phphttp://www.securityfocus.com/bid/4776ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-039.0.txtftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:25.bzip2.aschttp://www.iss.net/security_center/static/9128.phphttp://www.securityfocus.com/bid/4776
2002-08-12
Published