Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-1103

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2000-1103
Last Modified 05 Sep 2008 04:22:39
Published 09 Jan 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2000-1103

Summary

rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command line.

Vulnerable Systems

Operating System

  • Bsdi Bsd Os 3.0

  • Bsdi Bsd Os 3.1

  • Bsdi Bsd Os 4.0

  • Bsdi Bsd Os 4.0.1


References

BID - 2009

BUGTRAQ - 20001127 BSDi 3.0/4.0 rcvtty gid=tty exploit... (mh package)


Last Updated: 27 May 2016 10:36:01