CVE-2002-0239

hanterm 3.3.1 - Local Buffer Overflow via Long Argument

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2002-0239. PoCs published by xperc, Xpl017Elz.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in hanterm, a Korean language terminal emulator. It constructs a malicious buffer with NOP sleds, a return address override, and shellcode to spawn a root shell, leveraging hanterm's SUID root privileges.

Description

Buffer overflow in hanterm 3.3.1 and earlier allows local users to execute arbitrary code via a long string in the (1) -fn, (2) -hfb, or (3) -hfn argument.

Exploits (2)

exploitdb WORKING POC VERIFIED
by xperc · clocallinux
https://www.exploit-db.com/exploits/21281

This exploit targets a buffer overflow vulnerability in hanterm, a Korean language terminal emulator. It constructs a malicious buffer with NOP sleds, a return address override, and shellcode to spawn a root shell, leveraging hanterm's SUID root privileges.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: hanterm (version unspecified, likely older versions)
No auth needed
Prerequisites: Local access to the system · hanterm installed with SUID root
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Xpl017Elz · clocallinux
https://www.exploit-db.com/exploits/21280

This exploit leverages a buffer overflow in hanterm to overwrite the return address on the stack, leading to arbitrary code execution. It includes shellcode to spawn a root shell and demonstrates the vulnerability with a crafted payload.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: hanterm (XFree86 Version 3.x.x ~ 4.x.x)
No auth needed
Prerequisites: Local access to the system · hanterm installed and potentially running with suid root
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1001950
Patch, Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/8109.php
Various Sources vendor-advisory x_refsource_freebsd
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:41.hanterm.asc
Patch, Vendor Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2002/dsa-112
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/4050
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=101310874106455&w=2
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://online.securityfocus.com/archive/1/255168

Scores

EPSS 0.0113
EPSS Percentile 62.1%

Details

Status published
Products (2)
hanterm/hanterm 3.3
hanterm/hanterm 3.3.1
Published May 29, 2002
Tracked Since Feb 18, 2026