CVE-2002-0557

EPSS 0.53%
Published 03.07.2002 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Vulnerability in OpenBSD 3.0, when using YP with netgroups in the password database, causes (1) rexec or (2) rsh to run another user's shell, or (3) atrun to change to a different user's directory, possibly due to memory allocation failures or an incorrect call to auth_approval().

Affected products Warnungen 0 Metrics 2 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Openbsd ≫ Openbsd Version3.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.53%	0.644

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.iss.net/security_center/static/8625.php

Patch

Vendor Advisory

http://www.openbsd.org/errata30.html#approval

http://www.securityfocus.com/bid/4338

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2002-0557

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2002-0557

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2002-0557

EUVD