CVE-2002-0875

Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.

CVSS v2.0 2.1 LOW

2.1^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:05.asc
ftp://patches.sgi.com/support/free/security/advisories/20000301-03-I
http://www.debian.org/security/2002/dsa-154	Patch Vendor Advisory
http://www.iss.net/security_center/static/9880.php
http://www.redhat.com/support/errata/RHSA-2005-005.html
http://www.securityfocus.com/bid/5487

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:sgi:fam:2.6.6:::::::*
	cpe:2.3:a:sgi:fam:2.6.8:::::::*
	cpe:2.3:o:sgi:irix:6.5.15:::::::*
	cpe:2.3:o:sgi:irix:6.5.16:::::::*
	cpe:2.3:o:sgi:irix:6.5.17:::::::*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2002-09-05 04:00

Updated : 2023-12-10 10:17

NVD link : CVE-2002-0875

Mitre link : CVE-2002-0875

CVE.ORG link : CVE-2002-0875

JSON object : View

Products Affected

sgi

fam
irix

debian

debian_linux

CWE

NVD-CWE-Other

{"id": "CVE-2002-0875", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2002-09-05T04:00:00.000", "references": [{"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:05.asc", "source": "cve@mitre.org"}, {"url": "ftp://patches.sgi.com/support/free/security/advisories/20000301-03-I", "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2002/dsa-154", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.iss.net/security_center/static/9880.php", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2005-005.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/5487", "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group."}, {"lang": "es", "value": "Vulnerabilidad en FAM 2.6.8, 2.6.6 y otras versiones permite a usuarios sin privilegios obtener los nombres de ficheros cuyo acceso est\u00e1 restringido al grupo de root"}], "lastModified": "2008-09-10T19:13:05.663", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sgi:fam:2.6.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E20CC5D1-D526-476C-926A-3A7A125A7351"}, {"criteria": "cpe:2.3:a:sgi:fam:2.6.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A26F49E-EACD-4CE3-86E6-F76E9DADCEB2"}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6BD69805-D021-4DCC-9FB6-A0BEA721408A"}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B13C07CC-F615-4F30-B532-4BF6F02F84DF"}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8BE3F77A-909E-4947-A808-BCAB7F96A108"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}