Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0542

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2002-0542
Last Modified 05 Sep 2008 04:28:17
Published 03 Jul 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-0542

Summary

mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron.

Vulnerable Systems

Operating System

  • Openbsd 2.9

  • Openbsd 3.0


References

BID - 4495

XF - openbsd-mail-root-privileges(8818)

BUGTRAQ - 20020411 OpenBSD Local Root Compromise

CONFIRM - http://www.openbsd.org/errata30.html#mail

BUGTRAQ - 20020411 local root compromise in openbsd 3.0 and below

OSVDB - 5269


Last Updated: 27 May 2016 10:36:57