7.2

CVE-2002-1500

Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET().

Data is provided by the National Vulnerability Database (NVD)
NetbsdNetbsd Version1.4
NetbsdNetbsd Version1.4 Editionalpha
NetbsdNetbsd Version1.4 Editionarm32
NetbsdNetbsd Version1.4 Editionsparc
NetbsdNetbsd Version1.4 Editionx86
NetbsdNetbsd Version1.4.1
NetbsdNetbsd Version1.4.1 Editionalpha
NetbsdNetbsd Version1.4.1 Editionarm32
NetbsdNetbsd Version1.4.1 Editionsh3
NetbsdNetbsd Version1.4.1 Editionsparc
NetbsdNetbsd Version1.4.1 Editionx86
NetbsdNetbsd Version1.4.2
NetbsdNetbsd Version1.4.2 Editionalpha
NetbsdNetbsd Version1.4.2 Editionarm32
NetbsdNetbsd Version1.4.2 Editionsparc
NetbsdNetbsd Version1.4.2 Editionx86
NetbsdNetbsd Version1.4.3
NetbsdNetbsd Version1.5
NetbsdNetbsd Version1.5 Editionsh3
NetbsdNetbsd Version1.5 Editionx86
NetbsdNetbsd Version1.5.1
NetbsdNetbsd Version1.5.2
NetbsdNetbsd Version1.5.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.15% 0.355
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C