CVE-2002-0572
CVE-2002-0572
FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/21407unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.aschttp://archives.neohapsis.com/archives/vulnwatch/2002-q2/0033.htmlhttp://online.securityfocus.com/archive/1/268970http://online.securityfocus.com/archive/1/269102http://www.ciac.org/ciac/bulletins/m-072.shtmlhttp://www.iss.net/security_center/static/8920.phphttp://www.kb.cert.org/vuls/id/809347http://www.osvdb.org/6095http://www.securityfocus.com/bid/4568