CVE-2002-0244

AtheOS 0.3.7 - Directory Traversal via Chroot Chdir Pathname

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0244. PoCs published by Jedi/Sector.

AI-analyzed exploit summary This exploit demonstrates a directory traversal vulnerability in AtheOS (CVE-2002-0244) by escaping a chroot jail using relative path traversal (../). It lists directory contents outside the intended root, proving privilege escalation or unauthorized access.

Description

Directory traversal vulnerability in chroot function in AtheOS 0.3.7 allows attackers to escape the jail via a .. (dot dot) in the pathname argument to chdir.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Jedi/Sector · clocalatheos

https://www.exploit-db.com/exploits/21282

View Code ZIP pw:eip

This exploit demonstrates a directory traversal vulnerability in AtheOS (CVE-2002-0244) by escaping a chroot jail using relative path traversal (../). It lists directory contents outside the intended root, proving privilege escalation or unauthorized access.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: AtheOS (versions prior to fix for CVE-2002-0244)

No auth needed

Prerequisites: Access to a process running in a chrooted environment on AtheOS

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1005 - Data from Local System

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/8108

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/4051

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=101310622531303&w=2

Scores

EPSS 0.0286

EPSS Percentile 85.0%

Details

Status published

Products (1)

atheos/atheos 0.3.7

Published May 29, 2002

Tracked Since Feb 18, 2026