Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-0875

8 documents8 sources

Severity

2.1LOW

EPSS

1.1%

top 22.28%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Debian Debian Linux SGI FAM SGI Irix

Timeline

PublishedSep 5

Latest updateMay 3

Description

Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages3 packages

▶Debianfam< 2.6.8-1

▶NVDsgi/fam2.6.6, 2.6.8+1

▶NVDsgi/irix6.5.15, 6.5.16, 6.5.17+2

Also affects: Debian Linux 3.0

Patches

Patch: www.debian.org ↗Patch: www.debian.org ↗

🔴Vulnerability Details

GHSA

GHSA-mcf7-9m9g-x48v: Vulnerability in FAM 2↗2022-05-03

▶

CVEList

CVE-2002-0875: Vulnerability in FAM 2↗2003-04-02

▶

OSV

CVE-2002-0875: Vulnerability in FAM 2↗2002-09-05

▶

💥Exploits & PoCs

Exploit-DB

SGI IRIX 6.5.x - FAM Arbitrary Root Owned Directory File Listing↗2002-08-16

▶

📋Vendor Advisories

Red Hat

security flaw↗2002-01-03

▶

Debian

CVE-2002-0875: fam - Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users ...↗2002

▶

💬Community

Bugzilla

CVE-2002-0875 security flaw↗2018-08-16

▶