Vulnerabilities > CVE-2000-1103 - Unspecified vulnerability in Bsdi BSD OS

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

bsdi

exploit available

NVD

Published: 2001-01-09

Updated: 2008-09-05

Summary

rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command line.

Vulnerable Configurations

Part	Description	Count
OS	Bsdi Bsdi BSD OS 3.0 Bsdi BSD OS 3.1 Bsdi BSD OS 4.0 Bsdi BSD OS 4.0.1	4

Exploit-Db

description	BSDi 3.0 / 4.0 rcvtty[mh] Local Exploit. CVE-2000-1103. Local exploit for bsd platform
id	EDB-ID:202
last seen	2016-01-31
modified	2000-11-21
published	2000-11-21
reporter	vade79
source	https://www.exploit-db.com/download/202/
title	BSDi 3.0 / 4.0 - rcvttymh Local Exploit

References

http://www.securityfocus.com/archive/1/147120
http://www.securityfocus.com/bid/2009