CVE-2002-0851

ISDN4Linux - Privilege Escalation

Title source: llm

Description

Format string vulnerability in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the ISDN4Linux (i4l) package allows local users to gain root privileges via format strings in the device name command line argument, which is not properly handled in a call to syslog.

Exploits (2)

exploitdb WORKING POC VERIFIED

by TESO Security · perllocallinux

https://www.exploit-db.com/exploits/21701

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Gobbles Security · clocallinux

https://www.exploit-db.com/exploits/21700

View Code ZIP pw:eip

References (3)

[Patch, Vendor Advisory] http://www.iss.net/security_center/static/9811.php

[Exploit, Vendor Advisory] http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0068.html

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/5437

Scores

EPSS 0.0064

EPSS Percentile 70.6%

Details

Status published

Products (1)

isdn4linux/isdn4linux 3.1_pre1

Published Sep 05, 2002

Tracked Since Feb 18, 2026