Vulnerabilities > CVE-2001-0268

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

netbsd

openbsd

NVD

Published: 2001-05-03

Updated: 2017-10-10

Summary

The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address.

Vulnerable Configurations

Part	Description	Count
OS	Netbsd Netbsd Netbsd - Netbsd Netbsd 1.0 Netbsd Netbsd 1.1 Netbsd Netbsd 1.2 Netbsd Netbsd 1.2.1 Netbsd Netbsd 1.3 Netbsd Netbsd 1.3.1 Netbsd Netbsd 1.3.2 Netbsd Netbsd 1.3.3 Netbsd Netbsd 1.4 Netbsd Netbsd 1.4.1 Netbsd Netbsd 1.4.2 Netbsd Netbsd 1.4.3 Netbsd Netbsd 1.5	15
OS	Openbsd Openbsd Openbsd - Openbsd Openbsd 2.0 Openbsd Openbsd 2.1 Openbsd Openbsd 2.2 Openbsd Openbsd 2.3 Openbsd Openbsd 2.4 Openbsd Openbsd 2.5 Openbsd Openbsd 2.6 Openbsd Openbsd 2.7 Openbsd Openbsd 2.8	10

Vulnerabilities > CVE-2001-0268 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2001-0268"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2001-0268