6 matches found
EUVD-2007-0395
Malware in sbrugna...
Design/Logic Flaw
IBM AIX 5.3 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572...
Design/Logic Flaw
Sun Solaris 9 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572...
Design/Logic Flaw
HP HP-UX B11.11 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572...
CVE-2002-0572
FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 standard input, 1 standard output, or 2 standard error, which may then be reused by a called setuid process that intended to...
CVE-2002-0572
CVE-2002-0572 affects BSD-based systems (notably FreeBSD 4.5 and earlier); the issue arises when a local user closes standard input/output/error (FDs 0–2) and a subsequent setuid-invoked I/O operation reuses those descriptors, allowing read/write access to restricted files. Connected records corr...