7.2

CVE-2001-1180

Exploit
FreeBSD 4.3 does not properly clear shared signal handlers when executing a process, which allows local users to gain privileges by calling rfork with a shared signal handler, having the child process execute a setuid program, and sending a signal to the child.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FreebsdFreebsd Version4.0
FreebsdFreebsd Version4.1
FreebsdFreebsd Version4.2
FreebsdFreebsd Version4.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.6% 0.437
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:42.signal.v1.1.asc
http://archives.neohapsis.com/archives/bugtraq/2001-07/0179.html
Patch
Vendor Advisory
Exploit
http://ciac.llnl.gov/ciac/bulletins/l-111.shtml
http://www.kb.cert.org/vuls/id/943633
Patch
Third Party Advisory
US Government Resource
http://www.osvdb.org/1897
http://www.securityfocus.com/bid/3007
Patch
Vendor Advisory
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/6829