CVE-2002-0542

mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*

History

20 Nov 2024, 23:39

Type Values Removed Values Added
References () http://marc.info/?l=bugtraq&m=101855467811695&w=2 - () http://marc.info/?l=bugtraq&m=101855467811695&w=2 -
References () http://online.securityfocus.com/archive/1/267089 - Exploit, Vendor Advisory () http://online.securityfocus.com/archive/1/267089 - Exploit, Vendor Advisory
References () http://www.iss.net/security_center/static/8818.php - Patch, Vendor Advisory () http://www.iss.net/security_center/static/8818.php - Patch, Vendor Advisory
References () http://www.openbsd.org/errata30.html#mail - () http://www.openbsd.org/errata30.html#mail -
References () http://www.osvdb.org/5269 - () http://www.osvdb.org/5269 -
References () http://www.securityfocus.com/bid/4495 - Exploit, Patch, Vendor Advisory () http://www.securityfocus.com/bid/4495 - Exploit, Patch, Vendor Advisory

Information

Published : 2002-07-03 04:00

Updated : 2024-11-20 23:39


NVD link : CVE-2002-0542

Mitre link : CVE-2002-0542

CVE.ORG link : CVE-2002-0542


JSON object : View

Products Affected

openbsd

  • openbsd