CVE-2002-0178: CVE-2002-0178

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2002-0178

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

uudecode, as available in the sharutils package before 4.2.1, does not check whether the filename of the uudecoded file is a pipe or symbolic link, which could allow attackers to overwrite files or execute commands.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

GNU SharUtils UUDecode存在符号连接攻击漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Sharutils是一款由GNU维护的免费开放源代码工具套件，设计使用在Unix和Linux操作系统下。 SharUtils中UUDecode在处理解码的时候存在问题，可导致本地攻击者进行符号连接攻击。在解一个以uuencode编码的文件时，uudecode程序一般会在临时目录中建立一名为'/tmp/myfile.sh'的文件，不幸的是，uudecode没有正确的检查文件是否已经存在，也没有检查此存在文件是否使用了符号连接或者管道，如果使用uudecode展开数据在不安全目录如/tmp，/var/tmp

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2002-0178

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2002-0178

Please Login to view more intelligence information

http://www.aerasec.de/security/index.html?id=ae-200204-033&lang=enx_refsource_MISC
http://www.securityfocus.com/bid/4742vdb-entryx_refsource_BID
http://www.osvdb.org/8274vdb-entryx_refsource_OSVDB
http://www.kb.cert.org/vuls/id/336083third-party-advisoryx_refsource_CERT-VN
http://www.redhat.com/support/errata/RHSA-2003-180.htmlvendor-advisoryx_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2002-065.htmlvendor-advisoryx_refsource_REDHAT
http://online.securityfocus.com/advisories/4132vendor-advisoryx_refsource_HP
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-052.phpvendor-advisoryx_refsource_MANDRAKE
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-040.0.txtvendor-advisoryx_refsource_CALDERA
http://marc.info/?l=bugtraq&m=103599320902432&w=2mailing-listx_refsource_BUGTRAQ
http://www.iss.net/security_center/static/9075.phpvdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2002-0178

New Vulnerabilities

Product: n/a

Vendor: n/a

V. Comments for CVE-2002-0178

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2002-0178

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2002-0178

III. Intelligence Information for CVE-2002-0178

New Vulnerabilities

V. Comments for CVE-2002-0178

Leave a comment