CVE-2002-1506

Linuxconf <1.28r4 - RCE

Title source: llm
STIX 2.1

Description

Buffer overflow in Linuxconf before 1.28r4 allows local users to execute arbitrary code via a long LINUXCONF_LANG environment variable, which overflows an error string that is generated.

Exploits (3)

exploitdb WRITEUP VERIFIED
by syscalls · textlocallinux
https://www.exploit-db.com/exploits/21763
exploitdb WORKING POC VERIFIED
by David Endler · clocallinux
https://www.exploit-db.com/exploits/21762
exploitdb WORKING POC VERIFIED
by RaiSe · clocallinux
https://www.exploit-db.com/exploits/21761

References (5)

Scores

EPSS 0.0046
EPSS Percentile 64.4%

Details

Status published
Products (33)
jacques_gelinas/linuxconf 1.1.6r10
jacques_gelinas/linuxconf 1.1.7
jacques_gelinas/linuxconf 1.1.8
jacques_gelinas/linuxconf 1.1.9r1
jacques_gelinas/linuxconf 1.1.9r2
jacques_gelinas/linuxconf 1.2
jacques_gelinas/linuxconf 1.2.1
jacques_gelinas/linuxconf 1.2.1r1
jacques_gelinas/linuxconf 1.2.1r2
jacques_gelinas/linuxconf 1.2.1r3
... and 23 more
Published Apr 02, 2003
Tracked Since Feb 18, 2026