CVE-2002-0851
Published 2002-09-05
Priority P423 · high · 7.2 (CVSS 2.0)
AV:L/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 1.05% (60.0th percentile)
Format string vulnerability in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the ISDN4Linux (i4l) package allows local users to gain root privileges via format strings in the device name command line argument, which is not properly handled in a call to syslog.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| isdn4linux | isdn4linux | — | — |
No detection rules found.
Exploit-DB
ISDN4Linux 3.1 - IPPPD Device String SysLog Format String (2)
exploitdb·2002-08-10
---
source: https://www.securityfocus.com/bid/5437/info
isdn4linux is a freely available, open source package of isdn compatibility tools. It is available for Linux operating systems.
isdn4linux contains a format string vulnerability in the ipppd utility. In some installations, this utility is installed with setuid root privileges. Exploitation of this vulnerability could lead to a local attacker executing code with administrative privileges.
#!/usr/bin/perl
# 7350pippi - x86/Linux ipppd local root
#
# (C) COPYRIGHT TESO Security, 2002
# All Rights Reserved
#
# May be used under the terms of the GPL.
# ipppd local root exploit:
# ...
# /*
# * Check if there is a device by this name.
# */
# if (stat(cp, &statbuf)
int main(
Exploit-DB
ISDN4Linux 3.1 - IPPPD Device String SysLog Format String (1)
exploitdb·2002-08-10
---
// source: https://www.securityfocus.com/bid/5437/info
isdn4linux is a freely available, open source package of isdn compatibility tools. It is available for Linux operating systems.
isdn4linux contains a format string vulnerability in the ipppd utility. In some installations, this utility is installed with setuid root privileges. Exploitation of this vulnerability could lead to a local attacker executing code with administrative privileges.
/*
* GOBBLES-own-ipppd.c -- local root on SuSE 8.0
*
* Random Defcon Quote:
* "Who hired Gary Coleman to play KF at defcon?"
* -Anonymous
*
* ipppd is part of the isdn4linux-utils package and
* is part of the default install of many linux dists.
*
* It is installed suid root on suse
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0068.html
http://www.iss.net/security_center/static/9811.php
http://www.securityfocus.com/bid/5437
Published: 2002-09-05