Lucene search

[email protected]NVD:CVE-2002-2221

HistoryDec 31, 2002 - 5:00 a.m.

CVE-2002-2221

2002-12-3105:00:00

[email protected]

web.nvd.nist.gov

CVSS2

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

High

EPSS

Percentile

5.1%

JSON

Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and earlier allows local users to gain privileges via a modified PATH that references a malicious cp binary. NOTE: this issue might overlap CVE-2006-6639.

Affected configurations

Nvd

Node

chetcpasswdchetcpasswdMatch2.3.1

chetcpasswdchetcpasswdMatch2.3.3

chetcpasswdchetcpasswdMatch2.4.1

VendorProductVersionCPE
chetcpasswdchetcpasswd2.3.1cpe:2.3:a:chetcpasswd:chetcpasswd:2.3.1:*:*:*:*:*:*:*
chetcpasswdchetcpasswd2.3.3cpe:2.3:a:chetcpasswd:chetcpasswd:2.3.3:*:*:*:*:*:*:*
chetcpasswdchetcpasswd2.4.1cpe:2.3:a:chetcpasswd:chetcpasswd:2.4.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
chetcpasswd	chetcpasswd	2.3.1	cpe:2.3:a:chetcpasswd:chetcpasswd:2.3.1:::::::*
chetcpasswd	chetcpasswd	2.3.3	cpe:2.3:a:chetcpasswd:chetcpasswd:2.3.3:::::::*
chetcpasswd	chetcpasswd	2.4.1	cpe:2.3:a:chetcpasswd:chetcpasswd:2.4.1:::::::*

References

secunia.com/advisories/23024

securitytracker.com/id?1005847

www.securityfocus.com/bid/21644

CVSS2

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2002-2221

cvelist2 cve2 nvd1