CVE Vulnerabilities

CVE-2002-0766

Published: Aug 12, 2002 | Modified: Sep 10, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

OpenBSD 2.9 through 3.1 allows local users to cause a denial of service (resource exhaustion) and gain root privileges by filling the kernel’s file descriptor table and closing file descriptors 0, 1, or 2 before executing a privileged process, which is not properly handled when OpenBSD fails to open an alternate descriptor.

Affected Software

Name Vendor Start Version End Version
Openbsd Openbsd 2.9 2.9
Openbsd Openbsd 3.0 3.0
Openbsd Openbsd 3.1 3.1

References