PT-2002-2744 · Beep2 · Beep2
Published: 2002-12-31 · Updated: 2008-09-05 · CVE-2002-2023
CVSS v2.0: 2.1 (Low)
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions
beep2 versions 1.0 through 1.2
Description
The issue concerns the get parameter from freqency source function, which allows local users to read arbitrary files when beep2 is installed setuid root. The exact attack vectors are not specified.
Recommendations
For versions 1.0 through 1.2, consider removing the setuid root installation to prevent exploitation until a patch is available. As a temporary workaround, restrict access to the get parameter from freqency source function to minimize the risk of arbitrary file reading.
Fix
Related Identifiers
Affected Products
Beep2