Vulnerabilities > CVE-2001-1091 - Local Security vulnerability in NetBSD
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 6 |