Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0766

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2002-0766
Last Modified 10 Sep 2008 03:12:51
Published 12 Aug 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-0766

Summary

OpenBSD 2.9 through 3.1 allows local users to cause a denial of service (resource exhaustion) and gain root privileges by filling the kernel's file descriptor table and closing file descriptors 0, 1, or 2 before executing a privileged process, which is not properly handled when OpenBSD fails to open an alternate descriptor.

Vulnerable Systems

Operating System

  • Openbsd 2.9

  • Openbsd 3.0

  • Openbsd 3.1


References

CERT-VN - VU#314963

XF - openbsd-file-descriptor-dos(9048)

BID - 4708

OSVDB - 5715

OSVDB - 5114

OPENBSD - 20020508 003: SECURITY FIX: May 8, 2002

BUGTRAQ - 20020509 OpenBSD local DoS and root exploit


Last Updated: 27 May 2016 10:37:04