PT-2003-1239 · Unknown · Automatic File Distributor
Published
2003-03-18
·
Updated
2008-09-05
·
CVE-2002-1503
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Automatic File Distributor (AFD) versions 1.2.14 and earlier
Description
The issue allows local users to gain privileges through a buffer overflow. This can be achieved via a long MON_WORK_DIR environment variable or the -w (workdir) argument to various commands, including afdcmd, afd_ctrl, init_afd, mafd, mon_ctrl, show_olog, and udc.
Recommendations
For AFD versions 1.2.14 and earlier, consider restricting the use of the MON_WORK_DIR environment variable and the -w (workdir) argument to prevent exploitation until a patch is available.
As a temporary workaround, limit the privileges of users who can execute the affected commands, such as afdcmd, afd_ctrl, init_afd, mafd, mon_ctrl, show_olog, and udc, to minimize the risk of privilege escalation.
Exploit
Fix
Related identifiers
Affected products
Automatic File Distributor