Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0424

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2001-0424
Last Modified 05 Sep 2008 04:24:04
Published 02 Jul 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-0424

Summary

BubbleMon 1.31 does not properly drop group privileges before executing programs, which allows local users to execute arbitrary commands with the kmem group id.

Vulnerable Systems

Operating System

  • Freebsd 6.2

Application

  • Timecop Bubblemon 1.0

  • Timecop Bubblemon 1.0pl1

  • Timecop Bubblemon 1.0pl2

  • Timecop Bubblemon 1.0pl3

  • Timecop Bubblemon 1.0pl4

  • Timecop Bubblemon 1.0pl6

  • Timecop Bubblemon 1.0pl7

  • Timecop Bubblemon 1.0pl8

  • Timecop Bubblemon 1.0pl9

  • Timecop Bubblemon 1.1

  • Timecop Bubblemon 1.1test1

  • Timecop Bubblemon 1.1test2

  • Timecop Bubblemon 1.1test3

  • Timecop Bubblemon 1.1test4

  • Timecop Bubblemon 1.1test5

  • Timecop Bubblemon 1.1test6

  • Timecop Bubblemon 1.1test7

  • Timecop Bubblemon 1.2

  • Timecop Bubblemon 1.21

  • Timecop Bubblemon 1.21test1

  • Timecop Bubblemon 1.22

  • Timecop Bubblemon 1.23

  • Timecop Bubblemon 1.2test1

  • Timecop Bubblemon 1.3

  • Timecop Bubblemon 1.31


References

BID - 2609

BUGTRAQ - 20010415 BubbleMon 1.31


Last Updated: 27 May 2016 10:36:16