CVE-2002-0239
Description
Buffer overflow in hanterm 3.3.1 and earlier allows local users to execute arbitrary code via a long string in the (1) -fn, (2) -hfb, or (3) -hfn argument.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:hanterm:hanterm:3.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:hanterm:hanterm:3.3:*:*:*:*:*:*:*
- cpe:2.3:a:hanterm:hanterm:3.3.1:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
Root cause
"A buffer overflow vulnerability exists in hanterm due to improper handling of long strings passed as arguments."
Attack vector
A local user can trigger this vulnerability by executing hanterm with a maliciously constructed string as the `-fn`, `-hfb`, or `-hfn` argument [ref_id=1]. This long string can overwrite the stack frame's return address, allowing an attacker to redirect program execution. If hanterm is running with SUID root privileges, this can lead to a local root compromise [ref_id=1].
Affected code
The vulnerability lies within the hanterm program, specifically in how it processes arguments such as `-fn`, `-hfb`, and `-hfn`. The provided exploit code demonstrates overwriting a buffer with a long string, leading to a segmentation fault when `strcpy` is called [ref_id=1].
What the fix does
The advisory does not specify a patch or provide details on how the vulnerability is fixed. Remediation guidance suggests updating to a version of hanterm that addresses this issue.
Preconditions
- inputThe attacker must be able to execute hanterm locally.
- configHanterm must be installed on the target system.
- configHanterm may be running with SUID root privileges for a full system compromise.
Reproduction
``` [x82@xpl017elz x82]$ cp /usr/X11R6/bin/hanterm . [x82@xpl017elz x82]$ gdb -q hanterm (no debugging symbols found)...(gdb) r -display 61.xx.177.27:0 -fn `perl -e 'print "x"x80'` ... Program received signal SIGSEGV, Segmentation fault. 0x80520e6 in strcpy () at ../sysdeps/generic/strcpy.c:30 ```
``` [x82@xpl017elz x82]$ ./exploit -a 61.xx.177.27:0 -o 2370 -b 88 ... bash# ```
Generated on Jun 2, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
7- www.debian.org/security/2002/dsa-112nvdPatchVendor Advisory
- www.iss.net/security_center/static/8109.phpnvdPatchVendor Advisory
- ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:41.hanterm.ascnvd
- marc.infonvd
- online.securityfocus.com/archive/1/255168nvd
- securitytracker.com/idnvd
- www.securityfocus.com/bid/4050nvd
News mentions
0No linked articles in our index yet.