Vulnerability Description
chuid 1.2 and earlier does not properly verify the ownership of files that will be changed, which allows remote attackers to change files owned by other users, such as root.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Scott Parish | Chuid | 1.0 |
References
- http://online.securityfocus.com/archive/1/251763Vendor Advisory
- http://www.securityfocus.com/bid/3938
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7976
- http://online.securityfocus.com/archive/1/251763Vendor Advisory
- http://www.securityfocus.com/bid/3938
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7976
FAQ
What is CVE-2002-0145?
CVE-2002-0145 is a vulnerability with a CVSS score of 7.5 (HIGH). chuid 1.2 and earlier does not properly verify the ownership of files that will be changed, which allows remote attackers to change files owned by other users, such as root.
How severe is CVE-2002-0145?
CVE-2002-0145 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0145?
Check the references section above for vendor advisories and patch information. Affected products include: Scott Parish Chuid.