{"vuid":"VU#809347","idnumber":"809347","name":"FreeBSD privilege elevation vulnerability","keywords":["Local user","suid application","stdin","stdout","stderr closed"],"overview":"A locally exploitable privilege elevation vulnerability exists in FreeBSD.","clean_desc":"A locally exploitable privilege elevation vulnerability exists in FreeBSD. For more information, please see the Pine Internet Security Advisory.","impact":"A local user can gain root privileges.","resolution":"Please see ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.asc for patch information.","workarounds":"","sysaffected":"","thanks":"The CERT/CC thanks PINE-CERT for discovering this vulnerability.","author":"This document was written by Ian A. Finlay.","public":["ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.asc","http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0033.html","http://www.pine.nl/advisories/pine-cert-20020401.txt","http://www.iss.net/security_center/static/8920.php","http://www.securityfocus.com/bid/4568"],"cveids":["CVE-2002-0572"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2002-04-22T13:22:17Z","publicdate":"2002-04-22T00:00:00Z","datefirstpublished":"2002-08-20T18:17:36Z","dateupdated":"2002-08-20T18:17:57Z","revision":16,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"20","cam_exploitation":"0","cam_internetinfrastructure":"10","cam_population":"15","cam_impact":"16","cam_easeofexploitation":"15","cam_attackeraccessrequired":"10","cam_scorecurrent":"20.25","cam_scorecurrentwidelyknown":"20.25","cam_scorecurrentwidelyknownexploited":"33.75","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":20.25,"vulnote":null}