CVE Vulnerabilities

CVE-2000-1103

Published: Jan 09, 2001 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command line.

Affected Software

Name Vendor Start Version End Version
Bsd_os Bsdi 3.0 3.0
Bsd_os Bsdi 3.1 3.1
Bsd_os Bsdi 4.0 4.0
Bsd_os Bsdi 4.0.1 4.0.1

References