PT-2002-2019 · Traffic Edge+2 · Traffic Edge+2

Published

2002-10-04

Updated

2008-09-05

CVE-2002-1013

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Inktomi Traffic Server versions 4.0.18 through 5.2.2 Traffic Edge versions 1.1.2 and 1.5.0 Media-IXT version 3.0.4

Description: A buffer overflow issue in the traffic manager component allows local users to gain root privileges by providing a long path argument.

Recommendations: For Inktomi Traffic Server versions 4.0.18 through 5.2.2, avoid using long path arguments in the traffic manager to minimize the risk of exploitation. For Traffic Edge versions 1.1.2 and 1.5.0, restrict access to the traffic manager component until a fix is available. For Media-IXT version 3.0.4, consider disabling the traffic manager functionality as a temporary workaround until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-1013

Affected Products

Inktomi Traffic Server

Media-Ixt

Traffic Edge

PT-2002-2019 · Traffic Edge+2 · Traffic Edge+2

CVE-2002-1013

Related Identifiers

Affected Products

References · 6