CVE-2002-1896

alsaplayer 0.99.71 - Local Buffer Overflow via Long Command Line Argument

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-1896. PoCs published by zillion.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Alsaplayer by supplying an overly long 'add-on path' argument, leading to arbitrary code execution. The PoC includes shellcode and a return address override to achieve RCE.

Description

Buffer overflow in Alsaplayer 0.99.71, when installed setuid root, allows local users to execute arbitrary code via a long (1) -f or (2) -o command line argument.

Exploits (1)

exploitdb WORKING POC VERIFIED
by zillion · clocallinux
https://www.exploit-db.com/exploits/21814

This exploit targets a buffer overflow vulnerability in Alsaplayer by supplying an overly long 'add-on path' argument, leading to arbitrary code execution. The PoC includes shellcode and a return address override to achieve RCE.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Alsaplayer 0.99.71-1
No auth needed
Prerequisites: Alsaplayer installed with setuid bit (optional but common) · Ability to execute the vulnerable binary
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Scores

EPSS 0.0160
EPSS Percentile 72.7%

Details

Status published
Products (1)
alsaplayer/alsaplayer 0.99.71
Published Dec 31, 2002
Tracked Since Feb 18, 2026