Vulnerability Database

290,272

Total vulnerabilities in the database

CVE-2002-2221

Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and earlier allows local users to gain privileges via a modified PATH that references a malicious cp binary. NOTE: this issue might overlap CVE-2006-6639.

  • Published: Dec 31, 2002
  • Updated: Apr 13, 2023
  • CVE: CVE-2002-2221
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.2
  • AV:L/AC:H/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
chetcpasswd / chetcpasswd 2.3.1 2.3.1.x
chetcpasswd / chetcpasswd 2.3.3 2.3.3.x
chetcpasswd / chetcpasswd 2.4.1 2.4.1.x