CVE-2002-0542

EPSS 1.5%

mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron.

Affected products

n/a · n/a

public PoCs found — 1

exploitdbwww.exploit-db.com/exploits/21373unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://marc.info/?l=bugtraq&m=101855467811695&w=2 http://online.securityfocus.com/archive/1/267089 http://www.iss.net/security_center/static/8818.php http://www.openbsd.org/errata30.html#mail http://www.osvdb.org/5269 http://www.securityfocus.com/bid/4495