[Japanese]

JVNDB-2003-000163

KON2 Buffer Overflow Vulnerability in Command Argument Validation

Overview

KON (Kanji ON Linux console), provided by Linux Japan RPM Project, contains a buffer overflow vulnerability due to improper validation of command line arguments.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 7.2 (High) [NVD Score]
  • Access Vector: Local
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Complete
  • Integrity Impact: Complete
  • Availability Impact: Complete
Affected Products


Cybertrust Japan Co., Ltd.
  • Asianux Server 2.0
  • Asianux Server 2.1
Red Hat, Inc.
  • Red Hat Linux 7.1
  • Red Hat Linux 7.2
  • Red Hat Linux 7.3
  • Red Hat Linux 8.0
  • Red Hat Linux 9

Impact

An attacker could execute arbitrary command with the root privileges.
Solution

Please refer to the 'Vendor Information' section for official remediation and take appropriate action.
Vendor Information

Cybertrust Japan Co., Ltd.
  • MIRACLE LINUX Update Information : kon2 (Japanese)
Red Hat, Inc.
CWE (What is CWE?)

CVE (What is CVE?)

  1. CVE-2002-1155
References

  1. National Vulnerability Database (NVD) : CVE-2002-1155
  2. SecurityFocus : 7790
Revision History

  • [2008/05/21]
      Web page published

Date Public2003/06/03
Date First Published2008/05/21
Date Last Updated2008/05/21