Vulnerabilities > CVE-2002-0542 - Unspecified vulnerability in Openbsd 2.9/3.0

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

openbsd

exploit available

NVD

Published: 2002-07-03

Updated: 2016-10-18

Summary

mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron.

Vulnerable Configurations

Part	Description	Count
OS	Openbsd Openbsd Openbsd 2.9 Openbsd Openbsd 3.0	2

Exploit-Db

description	OpenBSD 2.9/3.0 Default Crontab root Compromise Vulnerability. CVE-2002-0542. Local exploit for openbsd platform
id	EDB-ID:21373
last seen	2016-02-02
modified	2002-04-11
published	2002-04-11
reporter	Przemyslaw Frasunek
source	https://www.exploit-db.com/download/21373/
title	OpenBSD 2.9/3.0 Default Crontab Root Compromise Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References