CVE-2002-0004

Description

Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.

Affected products

• caldera / openlinux_server3.1 – 3.1
• caldera / openlinux_workstation3.1 – 3.1
• Debian / debian_linux2.2 – 2.2
• Debian / debian_linux2.2 – 2.2
• Debian / debian_linux2.2 – 2.2
• Debian / debian_linux2.2 – 2.2
• Debian / debian_linux2.2 – 2.2
• Debian / debian_linux2.2 – 2.2
• FreeBSD / FreeBSD4.1.1 – 4.1.1
• FreeBSD / FreeBSD4.2 – 4.2
• FreeBSD / FreeBSD4.3 – 4.3
• FreeBSD / FreeBSD4.4 – 4.4
• mandrakesoft / mandrake_linux8.0 – 8.0
• mandrakesoft / mandrake_linux8.0 – 8.0
• mandrakesoft / mandrake_linux8.1 – 8.1
• mandrakesoft / mandrake_linux8.1 – 8.1
• NetBSD / netbsd1.5.2 – 1.5.2
• RedHat / linux6.2 – 6.2
• RedHat / linux6.2 – 6.2
• RedHat / linux6.2 – 6.2
• RedHat / linux7.0 – 7.0
• RedHat / linux7.0 – 7.0
• RedHat / linux7.1 – 7.1
• RedHat / linux7.1 – 7.1
• RedHat / linux7.1 – 7.1
• RedHat / linux7.2 – 7.2
• RedHat / linux7.2 – 7.2
• RedHat / linux7.2 – 7.2
• slackware / slackware_linux7.0 – 7.0
• slackware / slackware_linux7.1 – 7.1
• slackware / slackware_linux8.0 – 8.0
• SUSE / suse_linux6.4 – 6.4
• SUSE / suse_linux6.4 – 6.4
• SUSE / suse_linux6.4 – 6.4
• SUSE / suse_linux7.0 – 7.0
• SUSE / suse_linux7.0 – 7.0
• SUSE / suse_linux7.0 – 7.0
• SUSE / suse_linux7.0 – 7.0
• SUSE / suse_linux7.1 – 7.1
• SUSE / suse_linux7.1 – 7.1
• SUSE / suse_linux7.1 – 7.1
• SUSE / suse_linux7.1 – 7.1
• SUSE / suse_linux7.2 – 7.2
• SUSE / suse_linux7.3 – 7.3
• SUSE / suse_linux7.3 – 7.3
• SUSE / suse_linux7.3 – 7.3

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/7909
• VENDOR_ADVISORYhttp://online.securityfocus.com/advisories/3969
• VENDOR_ADVISORYhttp://www.debian.org/security/2002/dsa-102
• MISChttp://www.redhat.com/support/errata/RHSA-2002-015.html
• VENDOR_ADVISORYhttp://online.securityfocus.com/advisories/3833
• MAILING_LISThttp://marc.info/?l=bugtraq&m=101128661602088&w=2
• MISChttp://www.securityfocus.com/bid/3886
• VENDOR_ADVISORYhttp://www.novell.com/linux/security/advisories/2002_003_at_txt.html
• MAILING_LISThttp://marc.info/?l=bugtraq&m=101147632721031&w=2