Vulnerability-Lookup - Search a vulnerability

Vulnerabilites related to lisa - lisa

Vulnerability from fkie_nvd

Published

2002-11-29 05:00

Modified

2025-04-03 01:03

Severity ?

Summary

Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon.

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0068.html
cve@mitre.org	http://marc.info/?l=bugtraq&m=103704823501757&w=2
cve@mitre.org	http://marc.info/?l=bugtraq&m=103712329102632&w=2
cve@mitre.org	http://marc.info/?l=bugtraq&m=103728981029342&w=2
cve@mitre.org	http://www.ciac.org/ciac/bulletins/n-020.shtml
cve@mitre.org	http://www.debian.org/security/2002/dsa-193	Patch, Vendor Advisory
cve@mitre.org	http://www.idefense.com/advisory/11.11.02.txt
cve@mitre.org	http://www.iss.net/security_center/static/10592.php	Vendor Advisory
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2002:080
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2002-220.html
cve@mitre.org	http://www.securityfocus.com/bid/6157	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0068.html
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=103704823501757&w=2
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=103712329102632&w=2
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=103728981029342&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www.ciac.org/ciac/bulletins/n-020.shtml
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2002/dsa-193	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.idefense.com/advisory/11.11.02.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/security_center/static/10592.php	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2002:080
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2002-220.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/6157	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
kde	klisa	2.2.2
lisa	lisa	0.1
lisa	lisa	0.1.2
kde	kde	2.0
kde	kde	2.1
kde	kde	2.2
kde	kde	3.0
kde	kde	3.0.1
kde	kde	3.0.2
kde	kde	3.0.3
kde	kde	3.0.3a
kde	kde	3.0.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:kde:klisa:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "45616FC1-D9F5-40F3-B3AB-B96453F31242",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lisa:lisa:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D61D200C-1D4D-4C4F-A077-79F6616F03CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lisa:lisa:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8220DEF4-997E-4188-81DD-BD498B24D464",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:kde:kde:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6671EEE2-8CEC-41C7-9CF2-23D92A1B3DE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C5E480F-A87E-4583-BC75-8596206C0895",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5DBFB51-48EB-41E5-9712-0A5368EE56A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CEED379-3111-4451-B782-8C66CE568A1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B146FCD3-F6E7-4412-94FD-F9E66089C227",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "99CB51E4-0BFC-4C7C-B9EE-3DBCB0188D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C629F0C8-C765-4076-B426-80929F9CE285",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.0.3a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E107A931-B670-42A8-9F75-EEA0EF3D09B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "671D1461-4AB4-4FB6-977D-733888A1BA9B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en resLISa en KDE 2.1 A 3.0.4 y LISa anteriores a 0.2.2 permite a usuarios locales obtener acceso a raw sockets mediante una variable de entorno LOGNAME larga."
    }
  ],
  "id": "CVE-2002-1247",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-11-29T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0068.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=103704823501757\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=103712329102632\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ciac.org/ciac/bulletins/n-020.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2002/dsa-193"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.idefense.com/advisory/11.11.02.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.iss.net/security_center/static/10592.php"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2002:080"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/6157"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0068.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=103704823501757\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=103712329102632\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=103728981029342\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ciac.org/ciac/bulletins/n-020.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2002/dsa-193"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.idefense.com/advisory/11.11.02.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.iss.net/security_center/static/10592.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2002:080"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-220.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/6157"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2002-1247 (GCVE-0-2002-1247)

Vulnerability from cvelistv5