Lucene search

MitreCVE-2002-1403

HistorySep 01, 2004 - 4:00 a.m.

CVE-2002-1403

2004-09-0104:00:00

mitre

web.nvd.nist.gov

dhcpcd

dhcp

client daemon

arbitrary code execution

cve-2002-1403

nvd

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

25.6%

JSON

dhcpcd DHCP client daemon 1.3.22 and earlier allows local users to execute arbitrary code via shell metacharacters that are fed from a dhcpd .info script into a .exe script.

Affected configurations

Nvd

Node

phystechdhcpcdMatch1.3.17_pl2

phystechdhcpcdMatch1.3.22_pl1

VendorProductVersionCPE
phystechdhcpcd1.3.17_pl2cpe:2.3:a:phystech:dhcpcd:1.3.17_pl2:*:*:*:*:*:*:*
phystechdhcpcd1.3.22_pl1cpe:2.3:a:phystech:dhcpcd:1.3.22_pl1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
phystech	dhcpcd	1.3.17_pl2	cpe:2.3:a:phystech:dhcpcd:1.3.17_pl2:::::::*
phystech	dhcpcd	1.3.22_pl1	cpe:2.3:a:phystech:dhcpcd:1.3.22_pl1:::::::*

References

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000549

marc.info/?l=bugtraq&m=104189546709447&w=2

www.debian.org/security/2002/dsa-219

www.mandrakesoft.com/security/advisories?name=MDKSA-2003:003

www.securityfocus.com/bid/6200

exchange.xforce.ibmcloud.com/vulnerabilities/10663

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

25.6%

JSON

Related for CVE-2002-1403