CVE Vulnerabilities

CVE-2003-1474

Published: Dec 31, 2003 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

slashem-tty in the FreeBSD Ports Collection is installed with write permissions for the games group, which allows local users with group games privileges to modify slashem-tty and execute arbitrary code as other users, as demonstrated using a separate vulnerability in LTris.

Affected Software

Name Vendor Start Version End Version
Slashem-tty Freebsd 0.0.6e.4f.8 0.0.6e.4f.8

References