Lucene search

[email protected]CVE-2002-0572

HistoryJul 03, 2002 - 4:00 a.m.

CVE-2002-0572

2002-07-0304:00:00

[email protected]

web.nvd.nist.gov

freebsd

bsd-based

operating system

local users

restricted files

file descriptors

setuid process

i/o

vulnerability

nvd

cve-2002-0572

6 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files.

Affected configurations

NVD

Node

freebsdfreebsdMatch4.4releng

freebsdfreebsdMatch4.5release

freebsdfreebsdMatch4.5stable

openbsdopenbsdMatch2.0

openbsdopenbsdMatch2.1

openbsdopenbsdMatch2.2

openbsdopenbsdMatch2.3

sunsolarisMatch2.5.1x86

sunsolarisMatch2.6

sunsolarisMatch7.0x86

sunsolarisMatch8.0x86

sunsunosMatch-

sunsunosMatch5.5.1

sunsunosMatch5.7

sunsunosMatch5.8

CPENameOperatorVersion
freebsd:freebsdfreebsdeq4.4
freebsd:freebsdfreebsdeq4.5
openbsd:openbsdopenbsdeq2.0
openbsd:openbsdopenbsdeq2.1
openbsd:openbsdopenbsdeq2.2
openbsd:openbsdopenbsdeq2.3
sun:solarissun solariseq2.5.1
sun:solarissun solariseq2.6
sun:solarissun solariseq7.0
sun:solarissun solariseq8.0

CPE	Name	Operator	Version
freebsd:freebsd	freebsd	eq	4.4
freebsd:freebsd	freebsd	eq	4.5
openbsd:openbsd	openbsd	eq	2.0
openbsd:openbsd	openbsd	eq	2.1
openbsd:openbsd	openbsd	eq	2.2
openbsd:openbsd	openbsd	eq	2.3
sun:solaris	sun solaris	eq	2.5.1
sun:solaris	sun solaris	eq	2.6
sun:solaris	sun solaris	eq	7.0
sun:solaris	sun solaris	eq	8.0