CVE-2001-1091

2001-08-23T00:00:00
ID CVE-2001-1091
Type cve
Reporter NVD
Modified 2017-12-18T21:29:32

Description

The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable.