Zurück zur CVE-Übersicht
CVE-2002-2092
LOW(3.7)AV:L/AC:H/Au:N/C:P/I:P/A:P
Risk Signal Score9/100 — NIEDRIG
EPSS-Score
0%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
3.7
Technische Schwere
Beschreibung
Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid.
Referenzen
- ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:08.exec.asc
- ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-001.txt.asc
- http://www.osvdb.org/19475
- http://www.securityfocus.com/bid/3891
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7945
- ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:08.exec.asc
- ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-001.txt.asc
- http://www.osvdb.org/19475
- http://www.securityfocus.com/bid/3891
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7945