CVE-2000-1103

rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command line.
References
Link Resource
http://www.securityfocus.com/archive/1/147120 Exploit Vendor Advisory
http://www.securityfocus.com/bid/2009 Exploit Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:bsdi:bsd_os:3.0:*:*:*:*:*:*:*
cpe:2.3:o:bsdi:bsd_os:3.1:*:*:*:*:*:*:*
cpe:2.3:o:bsdi:bsd_os:4.0:*:*:*:*:*:*:*
cpe:2.3:o:bsdi:bsd_os:4.0.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2001-01-09 05:00

Updated : 2024-02-28 10:24


NVD link : CVE-2000-1103

Mitre link : CVE-2000-1103

CVE.ORG link : CVE-2000-1103


JSON object : View

Products Affected

bsdi

  • bsd_os