CVE-2002-0542

Sažetak

mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron.

Reference

http://marc.info/?l=bugtraq&m=101855467811695&w=2
http://online.securityfocus.com/archive/1/267089
http://www.iss.net/security_center/static/8818.php
http://www.openbsd.org/errata30.html#mail
http://www.osvdb.org/5269
http://www.securityfocus.com/bid/4495

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

18-10-2016 - 02:20

Objavljeno

03-07-2002 - 04:00