PT-2003-1242 · Linux · Linuxconf

Published 2003-03-18 · Updated 2008-09-05 · CVE-2002-1506

CVSS v2.0: 7.2 (High)

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Linuxconf versions prior to 1.28r4

Description: A buffer overflow exists that allows local users to execute arbitrary code via a long LINUXCONF_LANG environment variable. The variable's value overflows an error string that is generated.

Recommendations: For versions prior to 1.28r4, update to version 1.28r4 or later to resolve the issue. As a temporary workaround, consider restricting the length of the LINUXCONF_LANG environment variable to prevent the overflow.


Related identifiers

CVE-2002-1506

Affected products

Linuxconf