Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2002-0424

EPSS 0.07% · P21
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2002-0424

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
efingerd 1.61 and earlier, when configured without the -u option, executes .efingerd files as the efingerd user (typically "nobody"), which allows local users to gain privileges as the efingerd user by modifying their own .efingerd file and running finger.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
EFingerD用户配置文件命令可执行漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
EfingerD是一款免费的开放源代码的finger守护程序,使用在Linux操作系统下。 EfingerD在处理配置文件中存在漏洞可以导致以nobody权限执行任意命令。 当通过EfingerD查询和请求某个系统存在用户的时候,EefingerD会查找在用户主目录下的".efingerd"文件,如果此文件存在,就会以'nobody'的权限执行,.efingerd的输出将返回给查询和请求的用户。 因此本地用户可以在其目录下放置.efingerd文件,而自己通过EfingerD守护程序查询和请求自身时,此程
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2002-0424

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2002-0424

登录查看更多情报信息。

Same Patch Batch · n/a · 2003-04-02 · 350 CVEs total

CVE-2002-0719Microsoft Content Management Server 2001 SQL注入漏洞(MS02-041)
CVE-2002-0741PsyBNC超长密码导致拒绝服务漏洞
CVE-2002-0738MHonArc HTML脚本过滤可绕过漏洞
CVE-2002-0737Sambar WEB服务程序服务端文件解析可绕过漏洞
CVE-2002-0736Microsoft BackOffice授权问题漏洞
CVE-2002-0734B2 B2config.php远程命令执行漏洞
CVE-2002-0733ACME Labs thttpd跨站脚本执行漏洞
CVE-2002-0727Microsoft OWC可导致Active脚本执行漏洞
CVE-2002-0726Microsoft TSAC ActiveX远程缓冲区溢出漏洞(MS02-046)
CVE-2002-0722Microsoft Internet Explorer 安全漏洞
CVE-2002-0720Microsoft Windows 2000网络连接管理器权限提升漏洞(MS02-042)
CVE-2002-0704Linux NetFilter NAT信息泄露漏洞
CVE-2002-0697Microsoft Metadirectory服务远程LDAP客户端管理员访问漏洞(MS02-036)
CVE-2002-0698Microsoft Exchange Server 缓冲区错误漏洞
CVE-2002-0700Microsoft Content Management Server 2001用户认证缓冲区溢出漏洞(MS02-041)
CVE-2002-0701多个供应商进BSD KTrace SUID/SGID进程追踪漏洞
CVE-2002-0703Gisle Aas Digest-MD5 UTF-8摘要计算存在漏洞
CVE-2002-0714Squid FTP代理数据通道漏洞
CVE-2002-0718Microsoft Content Management Server 2001文件上传漏洞(MS02-041)
CVE-2002-0716OpenServer定时服务格式字符串漏洞

Showing top 20 of 350 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2002-0424

No comments yet

Leave a comment