CVE-2004-2012 in NetBSDinfo

Summary

The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

05/04/2005

Disclosure

12/31/2004

Moderation

VulDB entry created

Entries

1: VDB-22983

CPE

ready

CWE

Unknown

Exploit

Download

CVSS

8.4

EPSS

0.00306

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-2012
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-2012
CVE Details	https://www.cvedetails.com/cve/CVE-2004-2012/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!