CVE Vulnerabilities

CVE-2001-1180

Published: Jul 10, 2001 | Modified: Oct 10, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

FreeBSD 4.3 does not properly clear shared signal handlers when executing a process, which allows local users to gain privileges by calling rfork with a shared signal handler, having the child process execute a setuid program, and sending a signal to the child.

Affected Software

Name Vendor Start Version End Version
Freebsd Freebsd 4.0 4.0
Freebsd Freebsd 4.1 4.1
Freebsd Freebsd 4.2 4.2
Freebsd Freebsd 4.3 4.3

References