Vulnerabilities > CVE-2002-0820 - Unspecified vulnerability in Freebsd 4.6
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
FreeBSD kernel 4.6 and earlier closes the file descriptors 0, 1, and 2 after they have already been assigned to /dev/null when the descriptors reference procfs or linprocfs, which could allow local users to reuse the file descriptors in a setuid or setgid program to modify critical data and gain privileges.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 |
References
- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.asc
- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.asc
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0047.html
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0047.html
- http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&frame=right&th=d429cd2ef1d3a2b7&seekm=ai6c0q%242289%241%40FreeBSD.csie.NCTU.edu.tw#link16
- http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&frame=right&th=d429cd2ef1d3a2b7&seekm=ai6c0q%242289%241%40FreeBSD.csie.NCTU.edu.tw#link16
- http://marc.info/?l=bugtraq&m=102979180524452&w=2
- http://marc.info/?l=bugtraq&m=102979180524452&w=2