7.2

CVE-2002-1500

Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET().

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
NetbsdNetbsd Version1.4
NetbsdNetbsd Version1.4 Editionalpha
NetbsdNetbsd Version1.4 Editionarm32
NetbsdNetbsd Version1.4 Editionsparc
NetbsdNetbsd Version1.4 Editionx86
NetbsdNetbsd Version1.4.1
NetbsdNetbsd Version1.4.1 Editionalpha
NetbsdNetbsd Version1.4.1 Editionarm32
NetbsdNetbsd Version1.4.1 Editionsh3
NetbsdNetbsd Version1.4.1 Editionsparc
NetbsdNetbsd Version1.4.1 Editionx86
NetbsdNetbsd Version1.4.2
NetbsdNetbsd Version1.4.2 Editionalpha
NetbsdNetbsd Version1.4.2 Editionarm32
NetbsdNetbsd Version1.4.2 Editionsparc
NetbsdNetbsd Version1.4.2 Editionx86
NetbsdNetbsd Version1.4.3
NetbsdNetbsd Version1.5
NetbsdNetbsd Version1.5 Editionsh3
NetbsdNetbsd Version1.5 Editionx86
NetbsdNetbsd Version1.5.1
NetbsdNetbsd Version1.5.2
NetbsdNetbsd Version1.5.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.355
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C