Vulnerabilities > CVE-2002-0754 - Privilege Escalation vulnerability in Kerberos 5 su
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 | |
OS | 11 |