Lucene search

MitreCVE-2002-0145

HistoryMar 25, 2002 - 5:00 a.m.

CVE-2002-0145

2002-03-2505:00:00

mitre

web.nvd.nist.gov

security vulnerability

chuid 1.2

remote attack

file ownership

cve-2002-0145

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.1

Confidence

Low

EPSS

0.012

Percentile

84.9%

JSON

chuid 1.2 and earlier does not properly verify the ownership of files that will be changed, which allows remote attackers to change files owned by other users, such as root.

Affected configurations

Nvd

Node

scott_parishchuidMatch1.0

scott_parishchuidMatch1.1

scott_parishchuidMatch1.2

VendorProductVersionCPE
scott_parishchuid1.0cpe:2.3:a:scott_parish:chuid:1.0:*:*:*:*:*:*:*
scott_parishchuid1.1cpe:2.3:a:scott_parish:chuid:1.1:*:*:*:*:*:*:*
scott_parishchuid1.2cpe:2.3:a:scott_parish:chuid:1.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
scott_parish	chuid	1.0	cpe:2.3:a:scott_parish:chuid:1.0:::::::*
scott_parish	chuid	1.1	cpe:2.3:a:scott_parish:chuid:1.1:::::::*
scott_parish	chuid	1.2	cpe:2.3:a:scott_parish:chuid:1.2:::::::*

References

online.securityfocus.com/archive/1/251763

www.securityfocus.com/bid/3938

exchange.xforce.ibmcloud.com/vulnerabilities/7976

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.1

Confidence

Low

EPSS

0.012

Percentile

84.9%

JSON

Related for CVE-2002-0145