search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

FreeBSD privilege elevation vulnerability

Vulnerability Note VU#809347

Original Release Date: 2002-08-20 | Last Revised: 2002-08-20

Overview

A locally exploitable privilege elevation vulnerability exists in FreeBSD.

Description

A locally exploitable privilege elevation vulnerability exists in FreeBSD. For more information, please see the Pine Internet Security Advisory.

Impact

A local user can gain root privileges.

Solution

Please see ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.asc for patch information.

Vendor Information

809347
 
Expand all

CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

The CERT/CC thanks PINE-CERT for discovering this vulnerability.

This document was written by Ian A. Finlay.

Other Information

CVE IDs: CVE-2002-0572
Severity Metric: 20.25
Date Public: 2002-04-22
Date First Published: 2002-08-20
Date Last Updated: 2002-08-20 18:17 UTC
Document Revision: 16

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis