CVE-2002-0572

Currently unrated

Key Information:

Vendor: Oracle
Status: Solaris; FreeBSD; OpenBSD; Sunos
Vendor: CVE Published:; 3 July 2002

Summary

FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files.

References

http://www.iss.net/security_center/static/8920.php

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/4568

vdb-entryx_refsource_BID

http://www.kb.cert.org/vuls/id/809347

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability published
Jul 3, 2002
Vulnerability Reserved
Jun 11, 2002