CVE-2002-0754
Published Aug 12, 2002
Last updated 16 years ago
Overview
- Description
- Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freebsd:heimdal:0.4e:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "01C49637-6EB4-4842-B331-67F01C48B686"
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.4e:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D034C52F-7D52-427B-A803-97ABD587306D"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AE31DFF8-06AB-489D-A0C5-509C090283B5"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:release:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1E8A6564-129A-4555-A5ED-6F65C56AE7B4"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:stable:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "237174A4-E030-4A0B-AD0B-5C463603EAA4"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:stable:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D7F8F11-1869-40E2-8478-28B4E946D3CC"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:release:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9062BAB5-D437-49BE-A384-39F62434B70B"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:stable:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E53C673-9D6D-42C8-A502-033E1FC28D97"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937"
}
],
"operator": "OR"
}
]
}
]