CVE-2002-0327

Century Software TERM - Local Buffer Overflow via Long tty Argument

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0327. PoCs published by Haiku Hacker.

AI-analyzed exploit summary This exploit targets a buffer overflow in Century Software's Term program via the callin component, which is setuid root. It overflows the tty argument to overwrite the return address and execute shellcode for arbitrary command execution.

Description

Buffer overflow in Century Software TERM allows local users to gain root privileges via a long tty argument to the callin program.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Haiku Hacker · clocallinux
https://www.exploit-db.com/exploits/21302

This exploit targets a buffer overflow in Century Software's Term program via the callin component, which is setuid root. It overflows the tty argument to overwrite the return address and execute shellcode for arbitrary command execution.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Century Software Term (callin component)
No auth needed
Prerequisites: Local access to the system · Presence of vulnerable Term software with setuid callin/callout programs
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/4174
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=101477608215471&w=2
Exploit, Vendor Advisory mailing-list x_refsource_vuln-dev
http://online.securityfocus.com/archive/82/257731
Exploit, Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/8291.php

Scores

EPSS 0.0096
EPSS Percentile 57.2%

Details

Status published
Products (1)
century_software/term 6.27.0869
Published Jun 25, 2002
Tracked Since Feb 18, 2026