CVE-2001-0061

Опубликовано: 12 фев. 2001

Источник: nvd

CVSS2: 7.2

EPSS Низкий

Описание

procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process and executing a privileged process from the child, while the parent retains access to the child's address space.

Ссылки

ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:77.procfs.v1.1.asc
Patch
Vendor Advisory
http://www.osvdb.org/1697
http://www.securityfocus.com/bid/2130
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6106
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:77.procfs.v1.1.asc
Patch
Vendor Advisory
http://www.osvdb.org/1697
http://www.securityfocus.com/bid/2130
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6106

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*

EPSS

Процентиль: 14%

0.00047

Низкий

7.2 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-xv29-cvx6-qc29

github

больше 3 лет назад