Security Advisory

CVE-2002-0754

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2003-04-02 05:00:00

Last updated 2024-08-08 03:03:47

Assigner mitre

State PUBLISHED

Description

Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them.

← Browse all CVEs View on cve.org ↗