FreeBSD privilege elevation vulnerability

Overview

A locally exploitable privilege elevation vulnerability exists in FreeBSD.

Description

A locally exploitable privilege elevation vulnerability exists in FreeBSD. For more information, please see the Pine Internet Security Advisory.

---

Impact

A local user can gain root privileges.

---

Solution

Please see <ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.asc&gt; for patch information.

---

Vendor Information

809347

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

FreeBSD __ Affected

Updated: August 20, 2002

Status

Affected

Vendor Statement

<ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.asc&gt;

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23809347 Feedback>).

CVSS Metrics

Group	Score	Vector
Base
Temporal
Environmental

References

• <ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.asc&gt;
• <http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0033.html&gt;
• <http://www.pine.nl/advisories/pine-cert-20020401.txt&gt;
• <http://www.iss.net/security_center/static/8920.php&gt;
• <http://www.securityfocus.com/bid/4568&gt;

Acknowledgements

The CERT/CC thanks PINE-CERT for discovering this vulnerability.

This document was written by Ian A. Finlay.

Other Information

CVE IDs:	CVE-2002-0572
Severity Metric:	20.25 Date Public: