2 matches found
CVE-2001-1091
The CVE-2001-1091 entry concerns NetBSD 1.4.x–1.5.1 where the dump and dump_lfs commands do not drop privileges properly, allowing local users to gain privileges via the RCMD_CMD environment variable. This is the stated root cause and impact. The available documents do not provide remediation det...
CVE-2001-1091
The 1 dump and 2 dumplfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMDCMD environment variable...