CVE-2002-1914

MEDIUM

Dump - Improper Locking

Title source: rule

Description

dump 0.4 b10 through b29 allows local users to cause a denial of service (execution prevention) by using flock() to lock the /etc/dumpdates file.

References (6)

[Broken Link, Third Party Advisory, VDB Entry] http://online.securityfocus.com/archive/1/283033

[Broken Link] http://secunia.com/advisories/21520

[Third Party Advisory] http://support.avaya.com/elmodocs2/security/ASA-2006-156.htm

[Broken Link] http://www.iss.net/security_center/static/9632.php

[Broken Link] http://www.redhat.com/support/errata/RHSA-2005-583.html

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/5264

Scores

CVSS v3 5.5

EPSS 0.0005

EPSS Percentile 16.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-667

Status draft

Affected Products (2)

dump_project/dump

dump_project/dump

Timeline

Published Dec 31, 2002

Tracked Since Feb 18, 2026