Vulnerability-Lookup

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

CVE-2002-0467 (GCVE-0-2002-0467)

Vulnerability from nvd – Published: 2002-06-11 04:00 – Updated: 2024-08-08 02:49

Summary

Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allows remote attackers to execute arbitrary code via (1) address_match() of mystring.c or (2) other functions in tolist.c.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.debian.org/security/2002/dsa-123	vendor-advisoryx_refsource_DEBIAN
	http://www.securityfocus.com/bid/4176	vdb-entryx_refsource_BID
	http://www.iss.net/security_center/static/8284.php	vdb-entryx_refsource_XF
	http://www.ecartis.org/	x_refsource_CONFIRM
	http://archives.neohapsis.com/archives/vulnwatch/…	mailing-listx_refsource_VULNWATCH
	http://www.securityfocus.com/archive/1/261209	mailing-listx_refsource_BUGTRAQ

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:49:28.462Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-123",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2002/dsa-123"
          },
          {
            "name": "4176",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4176"
          },
          {
            "name": "ecartis-mystring-bo(8284)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/8284.php"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ecartis.org/"
          },
          {
            "name": "20020311 [VulnWatch] Ecartis/Listar multiple vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0063.html"
          },
          {
            "name": "20020310 Ecartis/Listar multiple vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/261209"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-03-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allows remote attackers to execute arbitrary code via (1) address_match() of mystring.c or (2) other functions in tolist.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2002-06-15T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-123",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2002/dsa-123"
        },
        {
          "name": "4176",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4176"
        },
        {
          "name": "ecartis-mystring-bo(8284)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/8284.php"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ecartis.org/"
        },
        {
          "name": "20020311 [VulnWatch] Ecartis/Listar multiple vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0063.html"
        },
        {
          "name": "20020310 Ecartis/Listar multiple vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/261209"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-0467",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allows remote attackers to execute arbitrary code via (1) address_match() of mystring.c or (2) other functions in tolist.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-123",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2002/dsa-123"
            },
            {
              "name": "4176",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4176"
            },
            {
              "name": "ecartis-mystring-bo(8284)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/8284.php"
            },
            {
              "name": "http://www.ecartis.org/",
              "refsource": "CONFIRM",
              "url": "http://www.ecartis.org/"
            },
            {
              "name": "20020311 [VulnWatch] Ecartis/Listar multiple vulnerabilities",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0063.html"
            },
            {
              "name": "20020310 Ecartis/Listar multiple vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/261209"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-0467",
    "datePublished": "2002-06-11T04:00:00",
    "dateReserved": "2002-06-07T00:00:00",
    "dateUpdated": "2024-08-08T02:49:28.462Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2002-0468 (GCVE-0-2002-0468)

Vulnerability from nvd – Published: 2002-06-11 04:00 – Updated: 2024-08-08 02:49

Summary

Buffer overflows in Ecartis (formerly Listar) 1.0.0 in snapshot 20020427 and earlier allow local users to gain privileges via (1) a long command line argument, which is not properly handled in core.c, or possibly via bad uses of sprintf() in (2) moderate.c, (3) lcgi.c, (4) fileapi.c, (5) cookie.c, (6) codes.c, or other files.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://online.securityfocus.com/archive/82/258763	mailing-listx_refsource_VULN-DEV
	http://www.iss.net/security_center/static/8445.php	vdb-entryx_refsource_XF
	http://online.securityfocus.com/archive/1/269879	mailing-listx_refsource_BUGTRAQ
	http://www.ecartis.org/	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/4271	vdb-entryx_refsource_BID
	http://online.securityfocus.com/archive/1/269658	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/archive/1/261209	mailing-listx_refsource_BUGTRAQ
	http://marc.info/?l=listar-support&m=101590272221…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:49:29.053Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20020227 listar / ecaris remote or local?",
            "tags": [
              "mailing-list",
              "x_refsource_VULN-DEV",
              "x_transferred"
            ],
            "url": "http://online.securityfocus.com/archive/82/258763"
          },
          {
            "name": "ecartis-local-bo(8445)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/8445.php"
          },
          {
            "name": "20020427 Response to KF about Listar/Ecartis Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://online.securityfocus.com/archive/1/269879"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ecartis.org/"
          },
          {
            "name": "4271",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4271"
          },
          {
            "name": "20020425 ecartis / listar PoC",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://online.securityfocus.com/archive/1/269658"
          },
          {
            "name": "20020310 Ecartis/Listar multiple vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/261209"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=listar-support\u0026m=101590272221720\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-03-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflows in Ecartis (formerly Listar) 1.0.0 in snapshot 20020427 and earlier allow local users to gain privileges via (1) a long command line argument, which is not properly handled in core.c, or possibly via bad uses of sprintf() in (2) moderate.c, (3) lcgi.c, (4) fileapi.c, (5) cookie.c, (6) codes.c, or other files."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20020227 listar / ecaris remote or local?",
          "tags": [
            "mailing-list",
            "x_refsource_VULN-DEV"
          ],
          "url": "http://online.securityfocus.com/archive/82/258763"
        },
        {
          "name": "ecartis-local-bo(8445)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/8445.php"
        },
        {
          "name": "20020427 Response to KF about Listar/Ecartis Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://online.securityfocus.com/archive/1/269879"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ecartis.org/"
        },
        {
          "name": "4271",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4271"
        },
        {
          "name": "20020425 ecartis / listar PoC",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://online.securityfocus.com/archive/1/269658"
        },
        {
          "name": "20020310 Ecartis/Listar multiple vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/261209"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://marc.info/?l=listar-support\u0026m=101590272221720\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-0468",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflows in Ecartis (formerly Listar) 1.0.0 in snapshot 20020427 and earlier allow local users to gain privileges via (1) a long command line argument, which is not properly handled in core.c, or possibly via bad uses of sprintf() in (2) moderate.c, (3) lcgi.c, (4) fileapi.c, (5) cookie.c, (6) codes.c, or other files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20020227 listar / ecaris remote or local?",
              "refsource": "VULN-DEV",
              "url": "http://online.securityfocus.com/archive/82/258763"
            },
            {
              "name": "ecartis-local-bo(8445)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/8445.php"
            },
            {
              "name": "20020427 Response to KF about Listar/Ecartis Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://online.securityfocus.com/archive/1/269879"
            },
            {
              "name": "http://www.ecartis.org/",
              "refsource": "CONFIRM",
              "url": "http://www.ecartis.org/"
            },
            {
              "name": "4271",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4271"
            },
            {
              "name": "20020425 ecartis / listar PoC",
              "refsource": "BUGTRAQ",
              "url": "http://online.securityfocus.com/archive/1/269658"
            },
            {
              "name": "20020310 Ecartis/Listar multiple vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/261209"
            },
            {
              "name": "http://marc.info/?l=listar-support\u0026m=101590272221720\u0026w=2",
              "refsource": "MISC",
              "url": "http://marc.info/?l=listar-support\u0026m=101590272221720\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-0468",
    "datePublished": "2002-06-11T04:00:00",
    "dateReserved": "2002-06-07T00:00:00",
    "dateUpdated": "2024-08-08T02:49:29.053Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2002-0469 (GCVE-0-2002-0469)

Vulnerability from nvd – Published: 2002-06-11 04:00 – Updated: 2024-08-08 02:49

Summary

Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does not properly drop privileges when Ecartis is installed setuid-root, "lock-to-user" is not set, and ecartis is called by certain MTA's, which could allow local users to gain privileges.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.iss.net/security_center/static/8444.php	vdb-entryx_refsource_XF
	http://archives.neohapsis.com/archives/vulnwatch/…	mailing-listx_refsource_VULNWATCH
	http://www.securityfocus.com/archive/1/261209	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/4277	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:49:28.485Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ecartis-root-privileges(8444)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/8444.php"
          },
          {
            "name": "20020311 [VulnWatch] Ecartis/Listar multiple vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0063.html"
          },
          {
            "name": "20020310 Ecartis/Listar multiple vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/261209"
          },
          {
            "name": "4277",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4277"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-03-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does not properly drop privileges when Ecartis is installed setuid-root, \"lock-to-user\" is not set, and ecartis is called by certain MTA\u0027s, which could allow local users to gain privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2002-06-15T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ecartis-root-privileges(8444)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/8444.php"
        },
        {
          "name": "20020311 [VulnWatch] Ecartis/Listar multiple vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0063.html"
        },
        {
          "name": "20020310 Ecartis/Listar multiple vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/261209"
        },
        {
          "name": "4277",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4277"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-0469",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does not properly drop privileges when Ecartis is installed setuid-root, \"lock-to-user\" is not set, and ecartis is called by certain MTA\u0027s, which could allow local users to gain privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ecartis-root-privileges(8444)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/8444.php"
            },
            {
              "name": "20020311 [VulnWatch] Ecartis/Listar multiple vulnerabilities",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0063.html"
            },
            {
              "name": "20020310 Ecartis/Listar multiple vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/261209"
            },
            {
              "name": "4277",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4277"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-0469",
    "datePublished": "2002-06-11T04:00:00",
    "dateReserved": "2002-06-07T00:00:00",
    "dateUpdated": "2024-08-08T02:49:28.485Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2002-0467 (GCVE-0-2002-0467)

Vulnerability from cvelistv5 – Published: 2002-06-11 04:00 – Updated: 2024-08-08 02:49

Summary

Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allows remote attackers to execute arbitrary code via (1) address_match() of mystring.c or (2) other functions in tolist.c.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.debian.org/security/2002/dsa-123	vendor-advisoryx_refsource_DEBIAN
	http://www.securityfocus.com/bid/4176	vdb-entryx_refsource_BID
	http://www.iss.net/security_center/static/8284.php	vdb-entryx_refsource_XF
	http://www.ecartis.org/	x_refsource_CONFIRM
	http://archives.neohapsis.com/archives/vulnwatch/…	mailing-listx_refsource_VULNWATCH
	http://www.securityfocus.com/archive/1/261209	mailing-listx_refsource_BUGTRAQ

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:49:28.462Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-123",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2002/dsa-123"
          },
          {
            "name": "4176",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4176"
          },
          {
            "name": "ecartis-mystring-bo(8284)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/8284.php"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ecartis.org/"
          },
          {
            "name": "20020311 [VulnWatch] Ecartis/Listar multiple vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0063.html"
          },
          {
            "name": "20020310 Ecartis/Listar multiple vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/261209"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-03-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allows remote attackers to execute arbitrary code via (1) address_match() of mystring.c or (2) other functions in tolist.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2002-06-15T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-123",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2002/dsa-123"
        },
        {
          "name": "4176",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4176"
        },
        {
          "name": "ecartis-mystring-bo(8284)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/8284.php"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ecartis.org/"
        },
        {
          "name": "20020311 [VulnWatch] Ecartis/Listar multiple vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0063.html"
        },
        {
          "name": "20020310 Ecartis/Listar multiple vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/261209"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-0467",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allows remote attackers to execute arbitrary code via (1) address_match() of mystring.c or (2) other functions in tolist.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-123",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2002/dsa-123"
            },
            {
              "name": "4176",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4176"
            },
            {
              "name": "ecartis-mystring-bo(8284)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/8284.php"
            },
            {
              "name": "http://www.ecartis.org/",
              "refsource": "CONFIRM",
              "url": "http://www.ecartis.org/"
            },
            {
              "name": "20020311 [VulnWatch] Ecartis/Listar multiple vulnerabilities",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0063.html"
            },
            {
              "name": "20020310 Ecartis/Listar multiple vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/261209"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-0467",
    "datePublished": "2002-06-11T04:00:00",
    "dateReserved": "2002-06-07T00:00:00",
    "dateUpdated": "2024-08-08T02:49:28.462Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2002-0468 (GCVE-0-2002-0468)

Vulnerability from cvelistv5 – Published: 2002-06-11 04:00 – Updated: 2024-08-08 02:49

Summary

Buffer overflows in Ecartis (formerly Listar) 1.0.0 in snapshot 20020427 and earlier allow local users to gain privileges via (1) a long command line argument, which is not properly handled in core.c, or possibly via bad uses of sprintf() in (2) moderate.c, (3) lcgi.c, (4) fileapi.c, (5) cookie.c, (6) codes.c, or other files.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://online.securityfocus.com/archive/82/258763	mailing-listx_refsource_VULN-DEV
	http://www.iss.net/security_center/static/8445.php	vdb-entryx_refsource_XF
	http://online.securityfocus.com/archive/1/269879	mailing-listx_refsource_BUGTRAQ
	http://www.ecartis.org/	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/4271	vdb-entryx_refsource_BID
	http://online.securityfocus.com/archive/1/269658	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/archive/1/261209	mailing-listx_refsource_BUGTRAQ
	http://marc.info/?l=listar-support&m=101590272221…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:49:29.053Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20020227 listar / ecaris remote or local?",
            "tags": [
              "mailing-list",
              "x_refsource_VULN-DEV",
              "x_transferred"
            ],
            "url": "http://online.securityfocus.com/archive/82/258763"
          },
          {
            "name": "ecartis-local-bo(8445)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/8445.php"
          },
          {
            "name": "20020427 Response to KF about Listar/Ecartis Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://online.securityfocus.com/archive/1/269879"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ecartis.org/"
          },
          {
            "name": "4271",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4271"
          },
          {
            "name": "20020425 ecartis / listar PoC",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://online.securityfocus.com/archive/1/269658"
          },
          {
            "name": "20020310 Ecartis/Listar multiple vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/261209"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=listar-support\u0026m=101590272221720\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-03-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflows in Ecartis (formerly Listar) 1.0.0 in snapshot 20020427 and earlier allow local users to gain privileges via (1) a long command line argument, which is not properly handled in core.c, or possibly via bad uses of sprintf() in (2) moderate.c, (3) lcgi.c, (4) fileapi.c, (5) cookie.c, (6) codes.c, or other files."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20020227 listar / ecaris remote or local?",
          "tags": [
            "mailing-list",
            "x_refsource_VULN-DEV"
          ],
          "url": "http://online.securityfocus.com/archive/82/258763"
        },
        {
          "name": "ecartis-local-bo(8445)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/8445.php"
        },
        {
          "name": "20020427 Response to KF about Listar/Ecartis Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://online.securityfocus.com/archive/1/269879"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ecartis.org/"
        },
        {
          "name": "4271",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4271"
        },
        {
          "name": "20020425 ecartis / listar PoC",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://online.securityfocus.com/archive/1/269658"
        },
        {
          "name": "20020310 Ecartis/Listar multiple vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/261209"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://marc.info/?l=listar-support\u0026m=101590272221720\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-0468",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflows in Ecartis (formerly Listar) 1.0.0 in snapshot 20020427 and earlier allow local users to gain privileges via (1) a long command line argument, which is not properly handled in core.c, or possibly via bad uses of sprintf() in (2) moderate.c, (3) lcgi.c, (4) fileapi.c, (5) cookie.c, (6) codes.c, or other files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20020227 listar / ecaris remote or local?",
              "refsource": "VULN-DEV",
              "url": "http://online.securityfocus.com/archive/82/258763"
            },
            {
              "name": "ecartis-local-bo(8445)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/8445.php"
            },
            {
              "name": "20020427 Response to KF about Listar/Ecartis Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://online.securityfocus.com/archive/1/269879"
            },
            {
              "name": "http://www.ecartis.org/",
              "refsource": "CONFIRM",
              "url": "http://www.ecartis.org/"
            },
            {
              "name": "4271",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4271"
            },
            {
              "name": "20020425 ecartis / listar PoC",
              "refsource": "BUGTRAQ",
              "url": "http://online.securityfocus.com/archive/1/269658"
            },
            {
              "name": "20020310 Ecartis/Listar multiple vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/261209"
            },
            {
              "name": "http://marc.info/?l=listar-support\u0026m=101590272221720\u0026w=2",
              "refsource": "MISC",
              "url": "http://marc.info/?l=listar-support\u0026m=101590272221720\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-0468",
    "datePublished": "2002-06-11T04:00:00",
    "dateReserved": "2002-06-07T00:00:00",
    "dateUpdated": "2024-08-08T02:49:29.053Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2002-0469 (GCVE-0-2002-0469)

Vulnerability from cvelistv5 – Published: 2002-06-11 04:00 – Updated: 2024-08-08 02:49

Summary

Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does not properly drop privileges when Ecartis is installed setuid-root, "lock-to-user" is not set, and ecartis is called by certain MTA's, which could allow local users to gain privileges.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.iss.net/security_center/static/8444.php	vdb-entryx_refsource_XF
	http://archives.neohapsis.com/archives/vulnwatch/…	mailing-listx_refsource_VULNWATCH
	http://www.securityfocus.com/archive/1/261209	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/4277	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:49:28.485Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ecartis-root-privileges(8444)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/8444.php"
          },
          {
            "name": "20020311 [VulnWatch] Ecartis/Listar multiple vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0063.html"
          },
          {
            "name": "20020310 Ecartis/Listar multiple vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/261209"
          },
          {
            "name": "4277",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4277"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-03-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does not properly drop privileges when Ecartis is installed setuid-root, \"lock-to-user\" is not set, and ecartis is called by certain MTA\u0027s, which could allow local users to gain privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2002-06-15T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ecartis-root-privileges(8444)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/8444.php"
        },
        {
          "name": "20020311 [VulnWatch] Ecartis/Listar multiple vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0063.html"
        },
        {
          "name": "20020310 Ecartis/Listar multiple vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/261209"
        },
        {
          "name": "4277",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4277"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-0469",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does not properly drop privileges when Ecartis is installed setuid-root, \"lock-to-user\" is not set, and ecartis is called by certain MTA\u0027s, which could allow local users to gain privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ecartis-root-privileges(8444)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/8444.php"
            },
            {
              "name": "20020311 [VulnWatch] Ecartis/Listar multiple vulnerabilities",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0063.html"
            },
            {
              "name": "20020310 Ecartis/Listar multiple vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/261209"
            },
            {
              "name": "4277",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4277"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-0469",
    "datePublished": "2002-06-11T04:00:00",
    "dateReserved": "2002-06-07T00:00:00",
    "dateUpdated": "2024-08-08T02:49:28.485Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria

6 vulnerabilities found for listar by listar

CVE-2002-0467 (GCVE-0-2002-0467)

CVE-2002-0468 (GCVE-0-2002-0468)

CVE-2002-0469 (GCVE-0-2002-0469)

CVE-2002-0467 (GCVE-0-2002-0467)

CVE-2002-0468 (GCVE-0-2002-0468)

CVE-2002-0469 (GCVE-0-2002-0469)