CVE-2001-1029

CVE-2001-1029 : In FreeBSD 4.4 and earlier, libutil in OpenSSH does not drop privileges before verifying capabilities for reading copyright and welcome files, allowing local users to bypass capability checks and read arbitrary files by specifying alternate files. The description provides the vuln...

CVE-2002-0754

Kerberos 5 su k5su in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them...

CVE-2001-1185

CVE-2001-1185 affects FreeBSD 4.4. Some AIO operations may be delayed until after an execve call, allowing a local user to overwrite memory of the new process and gain privileges. The provided documents do not include exploitation details or remediation/fix information.

Security Advisory FreeBSD-SA-02:24.k5su

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:24.k5su Security Advisory The FreeBSD Project Topic: k5su utility does not honor wheel' group Category: kerberos5 Module: kerberos5/usr.bin/k5su Announced: 2002-05-20...

CVE-2001-1185

Some AIO operations in FreeBSD 4.4 may be delayed until after a call to execve, which could allow a local user to overwrite memory of the new process and gain privileges...

PT-2001-2176 · Freebsd +1 · Openssh +2

Name of the Vulnerable Software and Affected Versions: OpenSSH on FreeBSD versions 4.4 and earlier Description: The issue allows local users to bypass capabilities checks and read arbitrary files by specifying alternate copyright or welcome files, due to libutil in OpenSSH not dropping privileges...