Published: 27/02/2002 Updated: 10/10/2017

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 725

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.

Vulnerable Product	Search on Vulmon	Subscribe to Product
caldera openlinux workstation 3.1
caldera openlinux server 3.1
freebsd freebsd 4.1.1
freebsd freebsd 4.2
netbsd netbsd 1.5.2
redhat linux 6.2
redhat linux 7.2
suse suse linux 6.4
suse suse linux 7.0
suse suse linux 7.1
suse suse linux 7.2
debian debian linux 2.2
mandrakesoft mandrake linux 8.1
redhat linux 7.1
freebsd freebsd 4.3
freebsd freebsd 4.4
slackware slackware linux 7.0
suse suse linux 7.3
mandrakesoft mandrake linux 8.0
redhat linux 7.0
slackware slackware linux 7.1
slackware slackware linux 8.0

source: wwwsecurityfocuscom/bid/3886/info at is a freely available, open source scheduler package It is included with various Unix and Linux operating systems, and maintained by public domain Under some circumstances, at does not correctly handle time input A local user attempting to schedule a task via commandline execution and using ...

NVD-CWE-Other http://www.debian.org/security/2002/dsa-102 http://www.securityfocus.com/bid/3886 http://www.redhat.com/support/errata/RHSA-2002-015.html http://www.novell.com/linux/security/advisories/2002_003_at_txt.html http://online.securityfocus.com/advisories/3833 http://online.securityfocus.com/advisories/3969 http://marc.info/?l=bugtraq&m=101147632721031&w=2 http://marc.info/?l=bugtraq&m=101128661602088&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/7909 https://nvd.nist.gov https://www.exploit-db.com/exploits/21229/

CVE-2002-0004

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect