Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET().
References
Link | Resource |
---|---|
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-014.txt.asc | |
http://www.iss.net/security_center/static/10114.php | Patch Vendor Advisory |
http://www.securityfocus.com/bid/5727 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2003-03-18T05:00:00
Updated: 2003-03-26T10:00:00
Reserved: 2003-02-05T00:00:00
Link: CVE-2002-1500
JSON object: View
NVD Information
Status : Analyzed
Published: 2003-04-02T05:00:00.000
Modified: 2008-09-05T20:30:45.733
Link: CVE-2002-1500
JSON object: View
Redhat Information
No data.
CWE