CVE-2003-0262

leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to gain root privileges by exploiting unknown vulnerabilities related to the escalated privileges, which KATAXWR is not designed to have.

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.debian.org/security/2003/dsa-299	Patch Vendor Advisory
http://www.securityfocus.com/bid/7505
https://exchange.xforce.ibmcloud.com/vulnerabilities/11945
http://www.debian.org/security/2003/dsa-299	Patch Vendor Advisory
http://www.securityfocus.com/bid/7505
https://exchange.xforce.ibmcloud.com/vulnerabilities/11945

Configurations

Configuration 1 (hide)

cpe:2.3:a:leksbot:leksbot:1.2:*:*:*:*:*:*:*

History

20 Nov 2024, 23:44

Type	Values Removed	Values Added
References	~~() http://www.debian.org/security/2003/dsa-299 - Patch, Vendor Advisory~~	() http://www.debian.org/security/2003/dsa-299 - Patch, Vendor Advisory
References	~~() http://www.securityfocus.com/bid/7505 -~~	() http://www.securityfocus.com/bid/7505 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/11945 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/11945 -

Information

Published : 2003-05-27 04:00

Updated : 2025-04-03 01:03

NVD link : CVE-2003-0262

Mitre link : CVE-2003-0262

CVE.ORG link : CVE-2003-0262

JSON object : View

Products Affected

leksbot

leksbot

CWE

NVD-CWE-Other

{"id": "CVE-2003-0262", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2003-05-27T04:00:00.000", "references": [{"url": "http://www.debian.org/security/2003/dsa-299", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/7505", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11945", "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2003/dsa-299", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/7505", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11945", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to gain root privileges by exploiting unknown vulnerabilities related to the escalated privileges, which KATAXWR is not designed to have."}, {"lang": "es", "value": "leksbot 1.2.3 en Debian Linux instala el KATAXWR con bit uid de root, lo cual permite a usuarios locales obtener privilegios de root explotando vulnerabilidades relacionadas con privilegios escalados, para lo cual KATAXWR no fue dise\u00f1ado."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:leksbot:leksbot:1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "119A96BF-669E-46F1-871F-F363014240DC"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}