Vulnerability Description
Buffer overflows in Ecartis (formerly Listar) 1.0.0 in snapshot 20020427 and earlier allow local users to gain privileges via (1) a long command line argument, which is not properly handled in core.c, or possibly via bad uses of sprintf() in (2) moderate.c, (3) lcgi.c, (4) fileapi.c, (5) cookie.c, (6) codes.c, or other files.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ecartis | Ecartis | 1.0.0_snapshot_2002-01-21 |
| Listar | Listar | 0.126a |
References
- http://marc.info/?l=listar-support&m=101590272221720&w=2
- http://online.securityfocus.com/archive/1/269658Vendor Advisory
- http://online.securityfocus.com/archive/1/269879Vendor Advisory
- http://online.securityfocus.com/archive/82/258763Vendor Advisory
- http://www.ecartis.org/
- http://www.iss.net/security_center/static/8445.php
- http://www.securityfocus.com/archive/1/261209
- http://www.securityfocus.com/bid/4271
- http://marc.info/?l=listar-support&m=101590272221720&w=2
- http://online.securityfocus.com/archive/1/269658Vendor Advisory
- http://online.securityfocus.com/archive/1/269879Vendor Advisory
- http://online.securityfocus.com/archive/82/258763Vendor Advisory
- http://www.ecartis.org/
- http://www.iss.net/security_center/static/8445.php
- http://www.securityfocus.com/archive/1/261209
FAQ
What is CVE-2002-0468?
CVE-2002-0468 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Buffer overflows in Ecartis (formerly Listar) 1.0.0 in snapshot 20020427 and earlier allow local users to gain privileges via (1) a long command line argument, which is not properly handled in core.c,...
How severe is CVE-2002-0468?
CVE-2002-0468 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0468?
Check the references section above for vendor advisories and patch information. Affected products include: Ecartis Ecartis, Listar Listar.