Unrated severityNVD Advisory· Published Aug 12, 2002· Updated Apr 16, 2026

CVE-2002-0469

Description

Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does not properly drop privileges when Ecartis is installed setuid-root, "lock-to-user" is not set, and ecartis is called by certain MTA's, which could allow local users to gain privileges.

Affected products

Ecartis/Ecartis2 versions
cpe:2.3:a:ecartis:ecartis:1.0.0_snapshot_2002-01-21:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ecartis:ecartis:1.0.0_snapshot_2002-01-21:*:*:*:*:*:*:*
- cpe:2.3:a:ecartis:ecartis:1.0.0_snapshot_2002-01-25:*:*:*:*:*:*:*
Listar/Listar3 versions
cpe:2.3:a:listar:listar:0.126a:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:listar:listar:0.126a:*:*:*:*:*:*:*
- cpe:2.3:a:listar:listar:0.127a:*:*:*:*:*:*:*
- cpe:2.3:a:listar:listar:0.129a:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/4277nvdExploitVendor Advisory
www.iss.net/security_center/static/8444.phpnvdVendor Advisory
www.securityfocus.com/archive/1/261209nvdVendor Advisory
archives.neohapsis.com/archives/vulnwatch/2002-q1/0063.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000