Lucene search

[email protected]CVE-2001-0371

HistoryJun 18, 2001 - 4:00 a.m.

CVE-2001-0371

2001-06-1804:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

2001-0371

freebsd 4.2

ufs

ext2fs

race condition

local user access

deleted data

7.2 High

AI Score

Confidence

Low

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and earlier, and possibly other operating systems, makes deleted data available to user processes before it is zeroed out, which allows a local user to access otherwise restricted information.

CPENameOperatorVersion
freebsd:freebsdfreebsdle4.2

CPE	Name	Operator	Version
freebsd:freebsd	freebsd	le	4.2

References

archives.neohapsis.com/archives/freebsd/2001-03/0403.html

www.osvdb.org/5682

exchange.xforce.ibmcloud.com/vulnerabilities/6268

7.2 High

AI Score

Confidence

Low

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON