CVE-2003-0262 - leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to g

CVE-2003-0262

Summary

leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to gain root privileges by exploiting unknown vulnerabilities related to the escalated privileges, which KATAXWR is not designed to have.

References

http://www.debian.org/security/2003/dsa-299
http://www.securityfocus.com/bid/7505
https://exchange.xforce.ibmcloud.com/vulnerabilities/11945

Vulnerable Configurations

cpe:2.3:a:leksbot:leksbot:1.2:*:*:*:*:*:*:*
cpe:2.3:a:leksbot:leksbot:1.2:*:*:*:*:*:*:*

CVSS

Base:	7.2 (as of 11-07-2017 - 01:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	7505
debian	DSA-299
xf	kataxwr-gain-privileges(11945)

Last major update

11-07-2017 - 01:29

Published

27-05-2003 - 04:00

Last modified

11-07-2017 - 01:29