Vulnerabilities > CVE-2002-0754

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

freebsd

kth

NVD

Published: 2002-08-12

Updated: 2024-11-20

Summary

Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them.

Vulnerable Configurations

Part	Description	Count
Application	Freebsd Freebsd Heimdal 0.4E	1
Application	Kth KTH Heimdal 0.4E	1
OS	Freebsd Freebsd Freebsd 4.1.1 Freebsd Freebsd 4.3 Freebsd Freebsd 4.2 Freebsd Freebsd 4.1 Freebsd Freebsd 4.0 Freebsd Freebsd 4.4	11

References

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:07.k5su.asc
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:07.k5su.asc
http://www.iss.net/security_center/static/7956.php
http://www.iss.net/security_center/static/7956.php
http://www.securityfocus.com/bid/3919
http://www.securityfocus.com/bid/3919

Vulnerabilities > CVE-2002-0754 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2002-0754"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2002-0754