CVE-2002-1812
Published 2002-12-31
CVE-2002-1812: Buffer overflow in gdam123 0.933 and 0.942 allows local users to execute arbitrary code via a long filename parameter.
Priority P422 | high | 7.2 | CVSS 2.0
AV:L/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 1.12% (62.2th percentile)
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gdam | gdam | — | — |
| gdam | gdam | — | — |
No detection rules found.
Exploit-DB
Chkrootkit 0.49 - Local Privilege Escalation
exploitdb·2014-06-28
CVE-2014-0476 Chkrootkit 0.49 - Local Privilege Escalation
---
We just found a serious vulnerability in the chkrootkit package, which
may allow local attackers to gain root access to a box in certain
configurations (/tmp not mounted noexec).
The vulnerability is located in the function slapper() in the
shellscript chkrootkit:
```sh
#
# SLAPPER.{A,B,C,D} and the multi-platform variant
#
slapper (){
   SLAPPER_FILES="${ROOTDIR}tmp/.bugtraq ${ROOTDIR}tmp/.bugtraq.c"
   SLAPPER_FILES="$SLAPPER_FILES ${ROOTDIR}tmp/.unlock ${ROOTDIR}tmp/httpd \
   ${ROOTDIR}tmp/update ${ROOTDIR}tmp/.cinik ${ROOTDIR}tmp/.b"
   SLAPPER_PORT="0.0:2002 |0.0:4156 |0.0:1978 |0.0:1812 |0.0:2015 "
   OPT=-an
   STATUS=0
   file_port=
   if ${netstat} "${OPT}"|${egrep} "^tcp"|${egrep} "${SLAPPER_PORT}"> /dev/null 2>&1
   then
      STATUS=1
      [ "$SYSTEM" = "Linux" ] &&
```
Exploit-DB
GDAM123 0.933/0.942 - Filename Buffer Overflow
exploitdb·2002-08-24
CVE-2002-1812 GDAM123 0.933/0.942 - Filename Buffer Overflow
---
// source: https://www.securityfocus.com/bid/5578/info
The GDAM123 command-line MP3 player is prone to a buffer overflow condition when handling overly long filenames. Under some circumstances, the player may be installed setuid root to allow unprivileged users to run the player if access to certain devices is required. In a situation such as this, the buffer overflow may be exploited to gain elevated privileges via the execution of arbitrary code.
```c
/* gdam123(client) proof of concept exploit by sacrine
 * An unchecked buffer in filename option
 * Netric Security (RESOURCE MATERIAL)
 * http://www.netric.org
 *
 * ./gdam123-expl -3300
 * greets: All members of Netric, my girlfriend
 */
#include
#include
#include
#include
// #define BUFLEN 214
```
No writeups or analysis indexed.
http://www.iss.net/security_center/static/9991.php
http://www.netric.org/advisories/netric-adv007.txt
http://www.securiteam.com/exploits/5CP0Y0080G.html
http://www.securityfocus.com/bid/5578
Published: 2002-12-31