CVE-2002-0244 - Directory traversal vulnerability in chroot function in AtheOS 0.3.7 allows attackers to escape the

CVE-2002-0244

Summary

Directory traversal vulnerability in chroot function in AtheOS 0.3.7 allows attackers to escape the jail via a .. (dot dot) in the pathname argument to chdir.

References

http://marc.info/?l=bugtraq&m=101310622531303&w=2
http://www.securityfocus.com/bid/4051
https://exchange.xforce.ibmcloud.com/vulnerabilities/8108

Vulnerable Configurations

cpe:2.3:a:atheos:atheos:0.3.7:*:*:*:*:*:*:*
cpe:2.3:a:atheos:atheos:0.3.7:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 11-07-2017 - 01:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	4051
bugtraq	20020207 AtheOS: escaping from a chroot jail
xf	atheos-dot-directory-traversal(8108)

Last major update

11-07-2017 - 01:29

Published

29-05-2002 - 04:00

Last modified

11-07-2017 - 01:29