CVE Vulnerabilities

CVE-2001-0061

Published: Feb 12, 2001 | Modified: Oct 10, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process and executing a privileged process from the child, while the parent retains access to the child’s address space.

Affected Software

Name Vendor Start Version End Version
Freebsd Freebsd 3.5.1 3.5.1
Freebsd Freebsd 4.1 4.1
Freebsd Freebsd 4.1.1 4.1.1
Freebsd Freebsd 4.2 4.2

References