Lucene search

[email protected]CVE-2002-0755

HistoryApr 02, 2003 - 5:00 a.m.

CVE-2002-0755

2003-04-0205:00:00

[email protected]

web.nvd.nist.gov

kerberos

k5su

freebsd

unauthorized access

root access

security vulnerability

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.1%

JSON

Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier does not verify that a user is a member of the wheel group before granting superuser privileges, which could allow unauthorized users to execute commands as root.

Affected configurations

NVD

Node

freebsdfreebsdMatch4.4release

freebsdfreebsdMatch4.5release

CPENameOperatorVersion
freebsd:freebsdfreebsdeq4.4
freebsd:freebsdfreebsdeq4.5

CPE	Name	Operator	Version
freebsd:freebsd	freebsd	eq	4.4
freebsd:freebsd	freebsd	eq	4.5

References

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:24.k5su.asc

www.iss.net/security_center/static/9125.php

www.osvdb.org/4893

www.securityfocus.com/bid/4777

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.1%

JSON

Related for CVE-2002-0755

cvelist1 nvd1