Lucene search

K
cve[email protected]CVE-2001-0872
HistoryDec 21, 2001 - 5:00 a.m.

CVE-2001-0872

2001-12-2105:00:00
NVD-CWE-Other
web.nvd.nist.gov
31
cve-2001-0872
openssh 3.0.1
uselogin
environment variables
root privileges
nvd

6.5 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

75.8%

OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.

6.5 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

75.8%

Related for CVE-2001-0872