7.2

CVE-2001-0061

procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process and executing a privileged process from the child, while the parent retains access to the child's address space.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FreebsdFreebsd Version3.5.1
FreebsdFreebsd Version4.1
FreebsdFreebsd Version4.1.1
FreebsdFreebsd Version4.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.37% 0.284
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:77.procfs.v1.1.asc
Patch
Vendor Advisory
http://www.osvdb.org/1697
http://www.securityfocus.com/bid/2130
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6106