CVE-2002-0754
Summary
Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them.
- LOW
- LOCAL
- NONE
- COMPLETE
- COMPLETE
- COMPLETE
References
Advisory Timeline
- Published