CVE-2001-1553 — MEDIUM (4.6)

Vulnerability Description

Buffer overflow in setiathome for SETI@home 3.03, if installed setuid, could allow local users to execute arbitrary code via long command line options (1) socks_server, (2) socks_user, and (3) socks_passwd. NOTE: since the default configuration of setiathome is not setuid, perhaps this issue should not be included in CVE.

CVSS Score

4.6

MEDIUM

AV:L/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
University Of California	Seti At Home	3.03

References

http://archives.neohapsis.com/archives/vuln-dev/2001-q4/0662.htmlVendor Advisory
http://archives.neohapsis.com/archives/vuln-dev/2001-q4/0662.htmlVendor Advisory

FAQ

What is CVE-2001-1553?

CVE-2001-1553 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Buffer overflow in setiathome for SETI@home 3.03, if installed setuid, could allow local users to execute arbitrary code via long command line options (1) socks_server, (2) socks_user, and (3) socks_p...

How severe is CVE-2001-1553?

CVE-2001-1553 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2001-1553?

Check the references section above for vendor advisories and patch information. Affected products include: University Of California Seti At Home.