CVE-2001-1017

Опубликовано: 04 сент. 2001

Источник: nvd

CVSS2: 7.2

EPSS Низкий

Описание

rmuser utility in FreeBSD 4.2 and 4.3 creates a copy of the master.passwd file with world-readable permissions while updating the original file, which could allow local users to gain privileges by reading the copied file while rmuser is running, obtain the password hashes, and crack the passwords.

Ссылки

ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:59.rmuser.v1.1.asc
Patch
Vendor Advisory
http://www.osvdb.org/1947
http://www.securityfocus.com/bid/3282
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/7086
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:59.rmuser.v1.1.asc
Patch
Vendor Advisory
http://www.osvdb.org/1947
http://www.securityfocus.com/bid/3282
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/7086

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*

EPSS

Процентиль: 9%

0.00036

Низкий

7.2 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-px2w-2hm4-m39w

github

больше 3 лет назад