CVE-2002-1598 - Buffer overflows in Computer Associates MLink (CA-MLink) 6.5 and earlier may allow local users to ex

CVE-2002-1598

Summary

Buffer overflows in Computer Associates MLink (CA-MLink) 6.5 and earlier may allow local users to execute arbitrary code via long command line arguments to (1) mlclear or (2) mllock.

References

ftp://ftp.ca.com/pub/unicenter/mlink/mlink.13/MLINK13.README
http://www.kb.cert.org/vuls/id/544995
http://www.kb.cert.org/vuls/id/772915
http://www.securityfocus.com/archive/1/266052
http://www.securityfocus.com/bid/4440
http://www.securityfocus.com/bid/4441
https://exchange.xforce.ibmcloud.com/vulnerabilities/8776

Vulnerable Configurations

cpe:2.3:a:broadcom:mlink:6.5:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:mlink:6.5:*:*:*:*:*:*:*

CVSS

Base:	4.6 (as of 09-04-2021 - 17:45)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	4440 4441
bugtraq	20020405 Re: CA security contact
cert-vn	VU#544995 VU#772915
confirm	ftp://ftp.ca.com/pub/unicenter/mlink/mlink.13/MLINK13.README
xf	ca-mlink-bo(8776)

Last major update

09-04-2021 - 17:45

Published

05-04-2002 - 05:00

Last modified

09-04-2021 - 17:45