CVE-2004-2012 in NetBSDthông tin

Tóm tắt

Bởi MITRE

The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Đặt trước

04/05/2005

Tiết lộ

31/12/2004

Kiểm duyệt

được chấp nhận

mục

VDB-22983

CPE

sẵn sàng

CWE

Không xác định

Khai thác

Tải xuống

CVSS

7.2 (NVD)

EPSS

0.00854

KEV

không

Các hoạt động

rất thấp

ngành

Lawfirm, Chemical, ...

Nguồn

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-2012
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-2012
CVE Details	https://www.cvedetails.com/cve/CVE-2004-2012/

◂ Trước Tổng Quan Tiếp theo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!