PT-2002-1314 · Atheros · Atheos

Published

2002-05-03

Updated

2017-07-11

CVE-2002-0244

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions AtheOS version 0.3.7

Description The issue allows attackers to escape the jail via a .. (dot dot) in the pathname argument to chdir(). This is a directory traversal vulnerability in the chroot function.

Recommendations For AtheOS version 0.3.7, consider restricting the use of the chroot function until a patch is available. As a temporary workaround, avoid using the chdir() function with untrusted input to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0244

Affected Products

Atheos

PT-2002-1314 · Atheros · Atheos

CVE-2002-0244

Related Identifiers

Affected Products

References · 5