CVE-2002-0004

OpenLinux Server - Heap Corruption via Malformed Execution Time in 'at' Program

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0004. PoCs published by SuSE Security.

AI-analyzed exploit summary The writeup describes a local privilege escalation vulnerability in the 'at' scheduler due to improper handling of maliciously crafted time formats, leading to heap corruption and potential arbitrary code execution with root privileges.

Description

Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.

Exploits (1)

exploitdb WRITEUP VERIFIED
by SuSE Security · textlocallinux
https://www.exploit-db.com/exploits/21229

The writeup describes a local privilege escalation vulnerability in the 'at' scheduler due to improper handling of maliciously crafted time formats, leading to heap corruption and potential arbitrary code execution with root privileges.

Classification
Writeup 80%
Attack Type
Lpe
Complexity
Moderate
Reliability
Theoretical
Target: at scheduler (various Unix/Linux implementations)
Auth required
Prerequisites: Local access to the system · Presence of the vulnerable 'at' scheduler
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (9)

Core 9
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/7909
Third Party Advisory, VDB Entry vendor-advisory x_refsource_hp
http://online.securityfocus.com/advisories/3969
Patch vendor-advisory x_refsource_debian
http://www.debian.org/security/2002/dsa-102
Patch, Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2002-015.html
Third Party Advisory, VDB Entry vendor-advisory x_refsource_hp
http://online.securityfocus.com/advisories/3833
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=101128661602088&w=2
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3886
Vendor Advisory vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2002_003_at_txt.html
Mailing List vendor-advisory x_refsource_mandrake
http://marc.info/?l=bugtraq&m=101147632721031&w=2

Scores

EPSS 0.0134
EPSS Percentile 68.1%

Details

Status published
Products (22)
caldera/openlinux_server 3.1
caldera/openlinux_workstation 3.1
debian/debian_linux 2.2 (6 CPE variants)
freebsd/freebsd 4.1.1
freebsd/freebsd 4.2
freebsd/freebsd 4.3
freebsd/freebsd 4.4
mandrakesoft/mandrake_linux 8.0 (2 CPE variants)
mandrakesoft/mandrake_linux 8.1 (2 CPE variants)
netbsd/netbsd 1.5.2
... and 12 more
Published Feb 27, 2002
Tracked Since Feb 18, 2026