cvelistv5 - cve-2002-0435

CVE-2002-0435 (GCVE-0-2002-0435)

Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:49

Summary

Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a ".." directory that is higher than expected, possibly up to the root file system.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.redhat.com/support/errata/RHSA-2003-016.html	vendor-advisoryx_refsource_REDHAT
	http://www.linux-mandrake.com/en/security/2002/MD…	vendor-advisoryx_refsource_MANDRAKE
	http://mail.gnu.org/archive/html/bug-fileutils/20…	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2003-015.html	vendor-advisoryx_refsource_REDHAT
	http://www.securityfocus.com/bid/4266	vdb-entryx_refsource_BID
	ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA…	vendor-advisoryx_refsource_CALDERA
	http://www.securityfocus.com/archive/1/260936	mailing-listx_refsource_BUGTRAQ
	http://www.iss.net/security_center/static/8432.php	vdb-entryx_refsource_XF

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:49:28.518Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2003:016",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-016.html"
          },
          {
            "name": "MDKSA-2002:031",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html"
          },
          {
            "name": "RHSA-2003:015",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-015.html"
          },
          {
            "name": "4266",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4266"
          },
          {
            "name": "CSSA-2002-018.1",
            "tags": [
              "vendor-advisory",
              "x_refsource_CALDERA",
              "x_transferred"
            ],
            "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt"
          },
          {
            "name": "20020310 GNU fileutils - recursive directory removal race condition",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/260936"
          },
          {
            "name": "gnu-fileutils-race-condition(8432)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/8432.php"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-03-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a \"..\" directory that is higher than expected, possibly up to the root file system."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2003-03-21T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2003:016",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-016.html"
        },
        {
          "name": "MDKSA-2002:031",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html"
        },
        {
          "name": "RHSA-2003:015",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-015.html"
        },
        {
          "name": "4266",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4266"
        },
        {
          "name": "CSSA-2002-018.1",
          "tags": [
            "vendor-advisory",
            "x_refsource_CALDERA"
          ],
          "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt"
        },
        {
          "name": "20020310 GNU fileutils - recursive directory removal race condition",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/260936"
        },
        {
          "name": "gnu-fileutils-race-condition(8432)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/8432.php"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-0435",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a \"..\" directory that is higher than expected, possibly up to the root file system."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2003:016",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-016.html"
            },
            {
              "name": "MDKSA-2002:031",
              "refsource": "MANDRAKE",
              "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php"
            },
            {
              "name": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html",
              "refsource": "CONFIRM",
              "url": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html"
            },
            {
              "name": "RHSA-2003:015",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-015.html"
            },
            {
              "name": "4266",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4266"
            },
            {
              "name": "CSSA-2002-018.1",
              "refsource": "CALDERA",
              "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt"
            },
            {
              "name": "20020310 GNU fileutils - recursive directory removal race condition",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/260936"
            },
            {
              "name": "gnu-fileutils-race-condition(8432)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/8432.php"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-0435",
    "datePublished": "2003-04-02T05:00:00",
    "dateReserved": "2002-06-07T00:00:00",
    "dateUpdated": "2024-08-08T02:49:28.518Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:fileutils:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5763D60E-A358-4D0A-BD7B-B01CC4CAD7C1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:fileutils:4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2F6A8F0-396B-4484-9621-70FFC61BF4A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:fileutils:4.1.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E2FE284-B564-48C7-9DA4-31A6D9AD3E38\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a \\\"..\\\" directory that is higher than expected, possibly up to the root file system.\"}]",
      "id": "CVE-2002-0435",
      "lastModified": "2024-11-20T23:39:05.210",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:H/Au:N/C:N/I:P/A:N\", \"baseScore\": 1.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 1.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2002-07-26T04:00:00.000",
      "references": "[{\"url\": \"ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.iss.net/security_center/static/8432.php\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2003-015.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2003-016.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/260936\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/4266\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.iss.net/security_center/static/8432.php\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2003-015.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2003-016.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/260936\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/4266\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2002-0435\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2002-07-26T04:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a \\\"..\\\" directory that is higher than expected, possibly up to the root file system.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:H/Au:N/C:N/I:P/A:N\",\"baseScore\":1.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":1.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:fileutils:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5763D60E-A358-4D0A-BD7B-B01CC4CAD7C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:fileutils:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2F6A8F0-396B-4484-9621-70FFC61BF4A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:fileutils:4.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E2FE284-B564-48C7-9DA4-31A6D9AD3E38\"}]}]}],\"references\":[{\"url\":\"ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.iss.net/security_center/static/8432.php\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2003-015.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2003-016.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/260936\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/4266\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.iss.net/security_center/static/8432.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2003-015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2003-016.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/260936\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/4266\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}

GSD-2002-0435

Vulnerability from gsd - Updated: 2023-12-13 01:24

Details

Aliases

CVE-2002-0435

Aliases

CVE-2002-0435

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2002-0435",
    "description": "Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a \"..\" directory that is higher than expected, possibly up to the root file system.",
    "id": "GSD-2002-0435",
    "references": [
      "https://www.suse.com/security/cve/CVE-2002-0435.html",
      "https://access.redhat.com/errata/RHSA-2003:016",
      "https://access.redhat.com/errata/RHSA-2003:015"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2002-0435"
      ],
      "details": "Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a \"..\" directory that is higher than expected, possibly up to the root file system.",
      "id": "GSD-2002-0435",
      "modified": "2023-12-13T01:24:07.981641Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2002-0435",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a \"..\" directory that is higher than expected, possibly up to the root file system."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "RHSA-2003:016",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2003-016.html"
          },
          {
            "name": "MDKSA-2002:031",
            "refsource": "MANDRAKE",
            "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php"
          },
          {
            "name": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html",
            "refsource": "CONFIRM",
            "url": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html"
          },
          {
            "name": "RHSA-2003:015",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2003-015.html"
          },
          {
            "name": "4266",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/4266"
          },
          {
            "name": "CSSA-2002-018.1",
            "refsource": "CALDERA",
            "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt"
          },
          {
            "name": "20020310 GNU fileutils - recursive directory removal race condition",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/260936"
          },
          {
            "name": "gnu-fileutils-race-condition(8432)",
            "refsource": "XF",
            "url": "http://www.iss.net/security_center/static/8432.php"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:gnu:fileutils:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnu:fileutils:4.1.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnu:fileutils:4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-0435"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a \"..\" directory that is higher than expected, possibly up to the root file system."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20020310 GNU fileutils - recursive directory removal race condition",
              "refsource": "BUGTRAQ",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.securityfocus.com/archive/1/260936"
            },
            {
              "name": "CSSA-2002-018.1",
              "refsource": "CALDERA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt"
            },
            {
              "name": "gnu-fileutils-race-condition(8432)",
              "refsource": "XF",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.iss.net/security_center/static/8432.php"
            },
            {
              "name": "4266",
              "refsource": "BID",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.securityfocus.com/bid/4266"
            },
            {
              "name": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html"
            },
            {
              "name": "RHSA-2003:015",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-015.html"
            },
            {
              "name": "RHSA-2003:016",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-016.html"
            },
            {
              "name": "MDKSA-2002:031",
              "refsource": "MANDRAKE",
              "tags": [],
              "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 1.2,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 1.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2008-09-05T20:28Z",
      "publishedDate": "2002-07-26T04:00Z"
    }
  }
}

FKIE_CVE-2002-0435

Vulnerability from fkie_nvd - Published: 2002-07-26 04:00 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt	Patch, Vendor Advisory
cve@mitre.org	http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html
cve@mitre.org	http://www.iss.net/security_center/static/8432.php	Patch, Vendor Advisory
cve@mitre.org	http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2003-015.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2003-016.html
cve@mitre.org	http://www.securityfocus.com/archive/1/260936	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/4266	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/security_center/static/8432.php	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2003-015.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2003-016.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/260936	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/4266	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
gnu	fileutils	4.0
gnu	fileutils	4.1
gnu	fileutils	4.1.6

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:fileutils:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5763D60E-A358-4D0A-BD7B-B01CC4CAD7C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:fileutils:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2F6A8F0-396B-4484-9621-70FFC61BF4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:fileutils:4.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E2FE284-B564-48C7-9DA4-31A6D9AD3E38",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a \"..\" directory that is higher than expected, possibly up to the root file system."
    }
  ],
  "id": "CVE-2002-0435",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 1.2,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 1.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-07-26T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.iss.net/security_center/static/8432.php"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-015.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-016.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/260936"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/4266"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.iss.net/security_center/static/8432.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-015.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-016.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/260936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/4266"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

RHSA-2003:016

Vulnerability from csaf_redhat - Published: 2003-02-20 18:37 - Updated: 2025-11-21 17:25

Summary

Red Hat Security Advisory: fileutils security update

Notes

Topic

Updated fileutils packages are available which fix a race condition in recursive remove and move commands.

Details

The fileutils package includes a number of GNU versions of common and popular file management utilities. A race condition in recursive use of rm and mv commands in fileutils 4.1 and earlier could allow local users to delete files and directories as the user running fileutils if the user has write access to part of the tree being moved or deleted. In addition, a bug in the way that the chown command parses --from options has also been fixed in these packages, bringing the command into Linux Standard Base (LSB) compliance. Users of Red Hat Linux Advanced Server should install the upgraded fileutils packages which contain patches to correct these issues.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Low"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated fileutils packages are available which fix a race condition in\nrecursive remove and move commands.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The fileutils package includes a number of GNU versions of common and\npopular file management utilities.\n\nA race condition in recursive use of rm and mv commands in fileutils 4.1\nand earlier could allow local users to delete files and directories as the\nuser running fileutils if the user has write access to part of the tree\nbeing moved or deleted.\n\nIn addition, a bug in the way that the chown command parses --from options\nhas also been fixed in these packages,  bringing the command into Linux\nStandard Base (LSB) compliance.\n\nUsers of Red Hat Linux Advanced Server should install the upgraded\nfileutils packages which contain patches to correct these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2003:016",
        "url": "https://access.redhat.com/errata/RHSA-2003:016"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#low",
        "url": "https://access.redhat.com/security/updates/classification/#low"
      },
      {
        "category": "external",
        "summary": "http://online.securityfocus.com/archive/1/260936",
        "url": "http://online.securityfocus.com/archive/1/260936"
      },
      {
        "category": "external",
        "summary": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html",
        "url": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html"
      },
      {
        "category": "external",
        "summary": "82336",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=82336"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_016.json"
      }
    ],
    "title": "Red Hat Security Advisory: fileutils security update",
    "tracking": {
      "current_release_date": "2025-11-21T17:25:24+00:00",
      "generator": {
        "date": "2025-11-21T17:25:24+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2003:016",
      "initial_release_date": "2003-02-20T18:37:00+00:00",
      "revision_history": [
        {
          "date": "2003-02-20T18:37:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2003-01-21T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:25:24+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
                "product": {
                  "name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
                  "product_id": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:2.1::as"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux Advanced Workstation 2.1",
                "product": {
                  "name": "Red Hat Linux Advanced Workstation 2.1",
                  "product_id": "Red Hat Linux Advanced Workstation 2.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:2.1::aw"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Advanced Products"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2002-0435",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616780"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a \"..\" directory that is higher than expected, possibly up to the root file system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "Red Hat Linux Advanced Workstation 2.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0435"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616780",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616780"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0435",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0435"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0435",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0435"
        }
      ],
      "release_date": "2002-03-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2003-02-20T18:37:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
            "Red Hat Linux Advanced Workstation 2.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2003:016"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "security flaw"
    }
  ]
}

RHSA-2003_015

Vulnerability from csaf_redhat - Published: 2003-02-13 08:35 - Updated: 2024-11-21 22:36

Summary

Red Hat Security Advisory: : : : Updated fileutils package fixes race condition in recursive operations

Notes

Topic

New fileutils packages for Red Hat Linux 6.2, 7.0, 7.1, 7.2 and 7.3 fix a race condition in recursive remove and move commands. [Updated 16 April 2003] Added packages for Red Hat Linux on IBM iSeries and pSeries systems.

Details

The fileutils package includes a number of GNU versions of common and popular file management utilities. A race condition in the recursive use of 'rm' and 'mv' in fileutils 4.1 and earlier could allow local users to delete files and directories (as the user running fileutils) if the user has write access to part of the tree being moved or deleted. Red Hat Linux versions 6.2, 7, 7.1, 7.2, and 7.3 shipped with versions of fileutils that are vulnerable to this issue. This erratum provides new fileutils packages that contain a patch correcting this issue.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Low"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "New fileutils packages for Red Hat Linux 6.2, 7.0, 7.1, 7.2 and 7.3 fix a\nrace condition in recursive remove and move commands.\n\n[Updated 16 April 2003]\nAdded packages for Red Hat Linux on IBM iSeries and pSeries systems.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The fileutils package includes a number of GNU versions of common and\npopular file management utilities.\n\nA race condition in the recursive use of \u0027rm\u0027 and \u0027mv\u0027 in fileutils 4.1 and\nearlier could allow local users to delete files and directories (as the user\nrunning fileutils) if the user has write access to part of the tree being\nmoved or deleted.\n\nRed Hat Linux versions 6.2, 7, 7.1, 7.2, and 7.3 shipped with versions of\nfileutils that are vulnerable to this issue.  This erratum provides new\nfileutils packages that contain a patch correcting this issue.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2003:015",
        "url": "https://access.redhat.com/errata/RHSA-2003:015"
      },
      {
        "category": "external",
        "summary": "http://online.securityfocus.com/archive/1/260936",
        "url": "http://online.securityfocus.com/archive/1/260936"
      },
      {
        "category": "external",
        "summary": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html",
        "url": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_015.json"
      }
    ],
    "title": "Red Hat Security Advisory: : : : Updated fileutils package fixes race condition in recursive operations",
    "tracking": {
      "current_release_date": "2024-11-21T22:36:37+00:00",
      "generator": {
        "date": "2024-11-21T22:36:37+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2003:015",
      "initial_release_date": "2003-02-13T08:35:00+00:00",
      "revision_history": [
        {
          "date": "2003-02-13T08:35:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2003-01-21T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-21T22:36:37+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Linux 6.2",
                "product": {
                  "name": "Red Hat Linux 6.2",
                  "product_id": "Red Hat Linux 6.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:6.2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux 7.0",
                "product": {
                  "name": "Red Hat Linux 7.0",
                  "product_id": "Red Hat Linux 7.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:7.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux 7.1",
                "product": {
                  "name": "Red Hat Linux 7.1",
                  "product_id": "Red Hat Linux 7.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:7.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux 7.2",
                "product": {
                  "name": "Red Hat Linux 7.2",
                  "product_id": "Red Hat Linux 7.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:7.2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux 7.3",
                "product": {
                  "name": "Red Hat Linux 7.3",
                  "product_id": "Red Hat Linux 7.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:7.3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Linux"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2002-0435",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616780"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a \"..\" directory that is higher than expected, possibly up to the root file system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Linux 6.2",
          "Red Hat Linux 7.0",
          "Red Hat Linux 7.1",
          "Red Hat Linux 7.2",
          "Red Hat Linux 7.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0435"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616780",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616780"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0435",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0435"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0435",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0435"
        }
      ],
      "release_date": "2002-03-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2003-02-13T08:35:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Linux 6.2",
            "Red Hat Linux 7.0",
            "Red Hat Linux 7.1",
            "Red Hat Linux 7.2",
            "Red Hat Linux 7.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2003:015"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "security flaw"
    }
  ]
}

RHSA-2003:015

Vulnerability from csaf_redhat - Published: 2003-02-13 08:35 - Updated: 2025-11-21 17:25

Summary

Red Hat Security Advisory: : : : Updated fileutils package fixes race condition in recursive operations

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Low"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "New fileutils packages for Red Hat Linux 6.2, 7.0, 7.1, 7.2 and 7.3 fix a\nrace condition in recursive remove and move commands.\n\n[Updated 16 April 2003]\nAdded packages for Red Hat Linux on IBM iSeries and pSeries systems.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The fileutils package includes a number of GNU versions of common and\npopular file management utilities.\n\nA race condition in the recursive use of \u0027rm\u0027 and \u0027mv\u0027 in fileutils 4.1 and\nearlier could allow local users to delete files and directories (as the user\nrunning fileutils) if the user has write access to part of the tree being\nmoved or deleted.\n\nRed Hat Linux versions 6.2, 7, 7.1, 7.2, and 7.3 shipped with versions of\nfileutils that are vulnerable to this issue.  This erratum provides new\nfileutils packages that contain a patch correcting this issue.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2003:015",
        "url": "https://access.redhat.com/errata/RHSA-2003:015"
      },
      {
        "category": "external",
        "summary": "http://online.securityfocus.com/archive/1/260936",
        "url": "http://online.securityfocus.com/archive/1/260936"
      },
      {
        "category": "external",
        "summary": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html",
        "url": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_015.json"
      }
    ],
    "title": "Red Hat Security Advisory: : : : Updated fileutils package fixes race condition in recursive operations",
    "tracking": {
      "current_release_date": "2025-11-21T17:25:24+00:00",
      "generator": {
        "date": "2025-11-21T17:25:24+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2003:015",
      "initial_release_date": "2003-02-13T08:35:00+00:00",
      "revision_history": [
        {
          "date": "2003-02-13T08:35:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2003-01-21T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:25:24+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Linux 6.2",
                "product": {
                  "name": "Red Hat Linux 6.2",
                  "product_id": "Red Hat Linux 6.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:6.2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux 7.0",
                "product": {
                  "name": "Red Hat Linux 7.0",
                  "product_id": "Red Hat Linux 7.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:7.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux 7.1",
                "product": {
                  "name": "Red Hat Linux 7.1",
                  "product_id": "Red Hat Linux 7.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:7.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux 7.2",
                "product": {
                  "name": "Red Hat Linux 7.2",
                  "product_id": "Red Hat Linux 7.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:7.2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux 7.3",
                "product": {
                  "name": "Red Hat Linux 7.3",
                  "product_id": "Red Hat Linux 7.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:7.3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Linux"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2002-0435",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616780"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a \"..\" directory that is higher than expected, possibly up to the root file system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Linux 6.2",
          "Red Hat Linux 7.0",
          "Red Hat Linux 7.1",
          "Red Hat Linux 7.2",
          "Red Hat Linux 7.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0435"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616780",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616780"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0435",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0435"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0435",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0435"
        }
      ],
      "release_date": "2002-03-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2003-02-13T08:35:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Linux 6.2",
            "Red Hat Linux 7.0",
            "Red Hat Linux 7.1",
            "Red Hat Linux 7.2",
            "Red Hat Linux 7.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2003:015"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "security flaw"
    }
  ]
}

RHSA-2003_016

Vulnerability from csaf_redhat - Published: 2003-02-20 18:37 - Updated: 2024-11-21 22:36

Summary

Red Hat Security Advisory: fileutils security update

Notes

Topic

Updated fileutils packages are available which fix a race condition in recursive remove and move commands.

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Low"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated fileutils packages are available which fix a race condition in\nrecursive remove and move commands.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The fileutils package includes a number of GNU versions of common and\npopular file management utilities.\n\nA race condition in recursive use of rm and mv commands in fileutils 4.1\nand earlier could allow local users to delete files and directories as the\nuser running fileutils if the user has write access to part of the tree\nbeing moved or deleted.\n\nIn addition, a bug in the way that the chown command parses --from options\nhas also been fixed in these packages,  bringing the command into Linux\nStandard Base (LSB) compliance.\n\nUsers of Red Hat Linux Advanced Server should install the upgraded\nfileutils packages which contain patches to correct these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2003:016",
        "url": "https://access.redhat.com/errata/RHSA-2003:016"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#low",
        "url": "https://access.redhat.com/security/updates/classification/#low"
      },
      {
        "category": "external",
        "summary": "http://online.securityfocus.com/archive/1/260936",
        "url": "http://online.securityfocus.com/archive/1/260936"
      },
      {
        "category": "external",
        "summary": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html",
        "url": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html"
      },
      {
        "category": "external",
        "summary": "82336",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=82336"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_016.json"
      }
    ],
    "title": "Red Hat Security Advisory: fileutils security update",
    "tracking": {
      "current_release_date": "2024-11-21T22:36:41+00:00",
      "generator": {
        "date": "2024-11-21T22:36:41+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2003:016",
      "initial_release_date": "2003-02-20T18:37:00+00:00",
      "revision_history": [
        {
          "date": "2003-02-20T18:37:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2003-01-21T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-21T22:36:41+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
                "product": {
                  "name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
                  "product_id": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:2.1::as"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux Advanced Workstation 2.1",
                "product": {
                  "name": "Red Hat Linux Advanced Workstation 2.1",
                  "product_id": "Red Hat Linux Advanced Workstation 2.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:2.1::aw"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Advanced Products"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2002-0435",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616780"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a \"..\" directory that is higher than expected, possibly up to the root file system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "Red Hat Linux Advanced Workstation 2.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0435"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616780",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616780"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0435",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0435"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0435",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0435"
        }
      ],
      "release_date": "2002-03-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2003-02-20T18:37:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
            "Red Hat Linux Advanced Workstation 2.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2003:016"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "security flaw"
    }
  ]
}

GHSA-M4M8-RGHQ-9WJC

Vulnerability from github – Published: 2022-05-03 03:07 – Updated: 2022-05-03 03:07

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2002-0435"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2002-07-26T04:00:00Z",
    "severity": "LOW"
  },
  "details": "Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a \"..\" directory that is higher than expected, possibly up to the root file system.",
  "id": "GHSA-m4m8-rghq-9wjc",
  "modified": "2022-05-03T03:07:54Z",
  "published": "2022-05-03T03:07:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0435"
    },
    {
      "type": "WEB",
      "url": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html"
    },
    {
      "type": "WEB",
      "url": "http://www.iss.net/security_center/static/8432.php"
    },
    {
      "type": "WEB",
      "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-015.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-016.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/260936"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/4266"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2002-0435 (GCVE-0-2002-0435)

GSD-2002-0435

FKIE_CVE-2002-0435

RHSA-2003:016

RHSA-2003_015

RHSA-2003:015

RHSA-2003_016

GHSA-M4M8-RGHQ-9WJC

Tags

Sightings

Nomenclature