CVE-2002-0213 - Vulnerability Details - OpenCVE

xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sgi	Irix
Xinet	K-ashare

Configuration 1 [-]

OR	cpe:2.3:a:xinet:k-ashare:11.01:::::::*
	cpe:2.3:o:sgi:irix:6.5:::::::*
	cpe:2.3:o:sgi:irix:6.5.1:::::::*
	cpe:2.3:o:sgi:irix:6.5.2:::::::*
	cpe:2.3:o:sgi:irix:6.5.3:::::::*
	cpe:2.3:o:sgi:irix:6.5.4:::::::*
	cpe:2.3:o:sgi:irix:6.5.5:::::::*
	cpe:2.3:o:sgi:irix:6.5.6:::::::*
	cpe:2.3:o:sgi:irix:6.5.7:::::::*
	cpe:2.3:o:sgi:irix:6.5.8:::::::*
	cpe:2.3:o:sgi:irix:6.5.9:::::::*
	cpe:2.3:o:sgi:irix:6.5.10:::::::*
	cpe:2.3:o:sgi:irix:6.5.11:::::::*
	cpe:2.3:o:sgi:irix:6.5.12:::::::*
	cpe:2.3:o:sgi:irix:6.5.13:::::::*
	cpe:2.3:o:sgi:irix:6.5.14:::::::*
	cpe:2.3:o:sgi:irix:6.5.15:::::::*

No data.

References

Link	Providers
ftp://patches.sgi.com/support/free/security/advisories/20020604-01-I
http://marc.info/?l=bugtraq&m=101223525118717&w=2
http://www.iss.net/security_center/static/8002.php
http://www.securityfocus.com/bid/3969

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2003-04-02T05:00:00

Updated: 2024-08-08T02:42:28.019Z

Reserved: 2002-05-01T00:00:00

Link: CVE-2002-0213

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2002-05-16T04:00:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2002-0213

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-01-28T00:00:00", "descriptions": [{"lang": "en", "value": "xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2003-03-20T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "kashare-xkas-icon-symlink(8002)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/8002.php"}, {"name": "20020604-01-I", "tags": ["vendor-advisory", "x_refsource_SGI"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20020604-01-I"}, {"name": "20020128 [ Hackerslab bug_paper ] Xkas application vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=101223525118717&w=2"}, {"name": "3969", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/3969"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0213", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "kashare-xkas-icon-symlink(8002)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/8002.php"}, {"name": "20020604-01-I", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20020604-01-I"}, {"name": "20020128 [ Hackerslab bug_paper ] Xkas application vulnerability", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=101223525118717&w=2"}, {"name": "3969", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3969"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T02:42:28.019Z"}, "title": "CVE Program Container", "references": [{"name": "kashare-xkas-icon-symlink(8002)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "http://www.iss.net/security_center/static/8002.php"}, {"name": "20020604-01-I", "tags": ["vendor-advisory", "x_refsource_SGI", "x_transferred"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20020604-01-I"}, {"name": "20020128 [ Hackerslab bug_paper ] Xkas application vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=101223525118717&w=2"}, {"name": "3969", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/3969"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0213", "datePublished": "2003-04-02T05:00:00", "dateReserved": "2002-05-01T00:00:00", "dateUpdated": "2024-08-08T02:42:28.019Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:xinet:k-ashare:11.01:*:*:*:*:*:*:*", "matchCriteriaId": "C4E7693D-28EF-444D-8505-47C9547F6505", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "36B60E50-4F5A-4404-BEA3-C94F7D27B156", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "6ECB750B-9F53-4DB6-8B26-71BCCA446FF7", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "440B7208-34DB-4898-8461-4E703F7EDFB7", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "5663579C-3AD2-4E5B-A595-C8DB984F9C26", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "D07AA144-6FD7-4C80-B4F2-D21C1AFC864A", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "29113D8E-9618-4A0E-9157-678332082858", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "313613E9-4837-433C-90EE-84A92E8D24E5", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "41AA1290-5039-406F-B195-3A4C018202D3", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.10:*:*:*:*:*:*:*", "matchCriteriaId": "60CC9410-F6B8-4748-B76F-30626279028E", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.11:*:*:*:*:*:*:*", "matchCriteriaId": "DCC67401-C85A-4E4E-AE61-85FEBBF4346B", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.12:*:*:*:*:*:*:*", "matchCriteriaId": "1C4427AC-07C1-4765-981B-B5D86D698C2D", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.13:*:*:*:*:*:*:*", "matchCriteriaId": "63EF0CEE-74A9-45C8-8AFD-77815230ACC6", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.14:*:*:*:*:*:*:*", "matchCriteriaId": "5B24D34C-1F95-45C8-9A57-2D2622ED9019", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.15:*:*:*:*:*:*:*", "matchCriteriaId": "6BD69805-D021-4DCC-9FB6-A0BEA721408A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory."}, {"lang": "es", "value": "xkas en Xinet K-AShare 0.011.01 para IRIX permite a usuarios locales la lectura de ficheros de su elecci\u00f3n mediante un ataque por enlace simb\u00f3lico al fichero VOLICON file, que copia el fichero .HSicon en un directorio compartido."}], "id": "CVE-2002-0213", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2002-05-16T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20020604-01-I"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=101223525118717&w=2"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.iss.net/security_center/static/8002.php"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/3969"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20020604-01-I"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=101223525118717&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.iss.net/security_center/static/8002.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/3969"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}