Vulnerabilities > CVE-2001-0061 - Unspecified vulnerability in Freebsd

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

freebsd

NVD

Published: 2001-02-12

Updated: 2024-11-20

Summary

procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process and executing a privileged process from the child, while the parent retains access to the child's address space.

Vulnerable Configurations

Part	Description	Count
OS	Freebsd Freebsd Freebsd 3.5.1 Freebsd Freebsd 4.1 Freebsd Freebsd 4.2 Freebsd Freebsd 4.1.1	4

References

ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:77.procfs.v1.1.asc
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:77.procfs.v1.1.asc
http://www.osvdb.org/1697
http://www.osvdb.org/1697
http://www.securityfocus.com/bid/2130
http://www.securityfocus.com/bid/2130
https://exchange.xforce.ibmcloud.com/vulnerabilities/6106
https://exchange.xforce.ibmcloud.com/vulnerabilities/6106