Vulnerabilities > CVE-2002-0572

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
freebsd
openbsd
sun
exploit available

Summary

FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files.

Exploit-Db

descriptionOS X 10.x, FreeBSD 4.x,OpenBSD 2.x,Solaris 2.5/2.6/7.0/8 exec C Library Standard I/O File Descriptor Closure. CVE-2002-0572. Local exploit for bsd platform
idEDB-ID:21407
last seen2016-02-02
modified2002-04-23
published2002-04-23
reporterphased
sourcehttps://www.exploit-db.com/download/21407/
titleOS X 10.x, FreeBSD 4.x,OpenBSD 2.x,Solaris 2.5/2.6/7.0/8 exec C Library Standard I/O File Descriptor Closure