CVE-2002-0754

Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:freebsd:heimdal:0.4e:*:*:*:*:*:*:*
cpe:2.3:a:kth:heimdal:0.4e:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.1.1:release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.1.1:stable:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.2:stable:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.3:release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.3:stable:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*

History

No history.

Information

Published : 2002-08-12 04:00

Updated : 2023-12-10 10:17


NVD link : CVE-2002-0754

Mitre link : CVE-2002-0754

CVE.ORG link : CVE-2002-0754


JSON object : View

Products Affected

kth

  • heimdal

freebsd

  • freebsd
  • heimdal