BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device.
References
Link | Resource |
---|---|
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-010.txt.asc | Broken Link |
http://marc.info/?l=bugtraq&m=102812546815606&w=2 | Issue Tracking Mailing List Third Party Advisory |
http://www.iss.net/security_center/static/9738.php | Broken Link |
http://www.openbsd.org/errata31.html | Third Party Advisory |
http://www.securityfocus.com/bid/5355 | Third Party Advisory VDB Entry |
Configurations
History
11 Mar 2021, 16:19
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-59 | |
CVSS |
v2 : v3 : |
v2 : 6.9
v3 : unknown |
References | (FREEBSD) http://marc.info/?l=bugtraq&m=102812546815606&w=2 - Issue Tracking, Mailing List, Third Party Advisory | |
References | (OPENBSD) http://www.openbsd.org/errata31.html - Third Party Advisory | |
References | (XF) http://www.iss.net/security_center/static/9738.php - Broken Link | |
References | (BID) http://www.securityfocus.com/bid/5355 - Third Party Advisory, VDB Entry | |
References | (NETBSD) ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-010.txt.asc - Broken Link | |
CPE | cpe:2.3:o:freebsd:freebsd:2.1.7:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:1.1:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:1.1.5.1:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:4.6.1:release_p1:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:* cpe:2.3:a:point-to-point_protocol_project:point-to-point_protocol:*:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:1.0:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:2.2.1:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:1.1.5:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:2.2.7:*:*:*:*:*:*:* |
cpe:2.3:a:freebsd:point-to-point_protocol_daemon:-:*:*:*:*:*:*:* |
Information
Published : 2002-08-12 04:00
Updated : 2023-12-10 10:17
NVD link : CVE-2002-0824
Mitre link : CVE-2002-0824
CVE.ORG link : CVE-2002-0824
JSON object : View
Products Affected
freebsd
- point-to-point_protocol_daemon
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')