7.2

CVE-2002-0572

Exploit
FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FreebsdFreebsd Version4.4 Updatereleng
FreebsdFreebsd Version4.5 Updaterelease
FreebsdFreebsd Version4.5 Updatestable
OpenbsdOpenbsd Version2.0
OpenbsdOpenbsd Version2.1
OpenbsdOpenbsd Version2.2
OpenbsdOpenbsd Version2.3
SunSolaris Version2.5.1 Editionx86
SunSolaris Version2.6
SunSolaris Version7.0 Editionx86
SunSolaris Version8.0 Editionx86
SunSunos Version-
SunSunos Version5.5.1
SunSunos Version5.7
SunSunos Version5.8
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.55% 0.719
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.asc
Patch
Vendor Advisory
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0033.html
http://online.securityfocus.com/archive/1/268970
Patch
Vendor Advisory
Exploit
http://online.securityfocus.com/archive/1/269102
http://www.ciac.org/ciac/bulletins/m-072.shtml
http://www.iss.net/security_center/static/8920.php
http://www.kb.cert.org/vuls/id/809347
US Government Resource
http://www.osvdb.org/6095
http://www.securityfocus.com/bid/4568
Patch
Vendor Advisory
Exploit