Local User File Access Vulnerability in FreeBSD by FreeBSD Project
CVE-2002-0572

Currently unrated

Key Information:

Vendor: Oracle
Status: Solaris; FreeBSD; OpenBSD; Sunos
Vendor: CVE Published:; 3 July 2002

What is CVE-2002-0572?

Certain versions of FreeBSD, including 4.5 and earlier, suffer from a local file access vulnerability. This issue arises when local users manage to close standard file descriptors (0, 1, or 2), which can then be inaccurately reused by a called setuid process. This oversight may enable unauthorized read or write actions on restricted files, undermining system security and providing potential access to sensitive information.

References

http://www.iss.net/security_center/static/8920.php

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/4568

vdb-entryx_refsource_BID

http://www.kb.cert.org/vuls/id/809347

third-party-advisoryx_refsource_CERT-VN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 3, 2002
Vulnerability Reserved
Jun 11, 2002

Oracle

What is CVE-2002-0572?

References

Timeline