Upstream information

CVE-2002-1158 at MITRE

Description

Buffer overflow in the irw_through function for Canna 3.5b2 and earlier allows local users to execute arbitrary code as the bin user.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having important severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 7.2
Vector AV:L/AC:L/Au:N/C:C/I:C/A:C
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete
No SUSE Bugzilla entries cross referenced.

No SUSE Security Announcements cross referenced.

List of released packages

Product(s) Fixed package version(s) References
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
  • canna >= 3.5b2-281
ul1.s390x
ul1.s390
ul1.ppc
ul1.x86
SuSE Linux Enterprise Server 8 for IBM zSeries
  • canna >= 3.5b2-134
ul1.s390x
ul1.s390
ul1.ppc
ul1.x86
SuSE Linux Openexchange Server 4
UnitedLinux 1.0
  • canna >= 3.5b2-534
ul1.s390x
ul1.s390
ul1.ppc
ul1.x86