CVE-2002-2092

Sažetak

Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid.

Reference

ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:08.exec.asc
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-001.txt.asc
http://www.osvdb.org/19475
http://www.securityfocus.com/bid/3891
https://exchange.xforce.ibmcloud.com/vulnerabilities/7945

CVSS

Base:	3.7
Impact:	6.4
Exploitability:	1.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:H/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

19-12-2017 - 02:29

Objavljeno

31-12-2002 - 05:00