CVE-2002-0754

{"id": "CVE-2002-0754", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2002-08-12T04:00:00.000", "references": [{"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:07.k5su.asc", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.iss.net/security_center/static/7956.php", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/3919", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:07.k5su.asc", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.iss.net/security_center/static/7956.php", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/3919", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them."}, {"lang": "es", "value": "Kerberos 5 su (k5su) en FreeBSD 4.4 y anteriores se basa en la llamada al sistema getlogin para determinar si el usuario que esta ejecutando k5su es root, lo cual podr\u00eda permitir a procesos sin privilegios, la obtenci\u00f3n de permisos si ese proceso tiene un getlogin como root."}], "lastModified": "2024-11-20T23:39:47.607", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:freebsd:heimdal:0.4e:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01C49637-6EB4-4842-B331-67F01C48B686"}, {"criteria": "cpe:2.3:a:kth:heimdal:0.4e:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D034C52F-7D52-427B-A803-97ABD587306D"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE31DFF8-06AB-489D-A0C5-509C090283B5"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:release:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E8A6564-129A-4555-A5ED-6F65C56AE7B4"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:stable:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "237174A4-E030-4A0B-AD0B-5C463603EAA4"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:stable:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D7F8F11-1869-40E2-8478-28B4E946D3CC"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:release:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9062BAB5-D437-49BE-A384-39F62434B70B"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:stable:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E53C673-9D6D-42C8-A502-033E1FC28D97"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}