CVE-2002-0542
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
03/07/2002
Last modified:
20/11/2024
Description
mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron.
Impact
Base Score 2.0
7.20
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:* | ||
cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://marc.info/?l=bugtraq&m=101855467811695&w=2
- http://online.securityfocus.com/archive/1/267089
- http://www.iss.net/security_center/static/8818.php
- http://www.openbsd.org/errata30.html#mail
- http://www.osvdb.org/5269
- http://www.securityfocus.com/bid/4495
- http://marc.info/?l=bugtraq&m=101855467811695&w=2
- http://online.securityfocus.com/archive/1/267089
- http://www.iss.net/security_center/static/8818.php
- http://www.openbsd.org/errata30.html#mail
- http://www.osvdb.org/5269
- http://www.securityfocus.com/bid/4495