Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0557

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0557
Last Modified 05 Sep 2008 04:28:20
Published 03 Jul 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0557

Summary

Vulnerability in OpenBSD 3.0, when using YP with netgroups in the password database, causes (1) rexec or (2) rsh to run another user's shell, or (3) atrun to change to a different user's directory, possibly due to memory allocation failures or an incorrect call to auth_approval().

Vulnerable Systems

Operating System

  • Openbsd 3.0


References

BID - 4338

XF - bsd-yp-execute-shell(8625)

OPENBSD - 20020319 016: SECURITY FIX: March 19, 2002


Last Updated: 27 May 2016 10:36:58