First published: Tue Dec 31 2002(Updated: )
Akfingerd 0.5 and earlier versions allow local users to cause a denial of service (crash) via a .plan with a symlink to /dev/urandom or other device, then disconnecting while data is being transferred, which causes a SIGPIPE error that Akfingerd cannot handle.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
cfingerd | =0.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2002-2244 is classified as a denial of service vulnerability that can lead to crashes of the Akfingerd service.
To fix CVE-2002-2244, upgrade to a version of Akfingerd that is later than 0.5, which does not contain this vulnerability.
CVE-2002-2244 affects Akfingerd version 0.5 and earlier versions.
CVE-2002-2244 is a local vulnerability that can be exploited by local users with access to the system.
The potential impact of CVE-2002-2244 is the unintentional crashing of the Akfingerd service, leading to denial of service.