ID CVE-2001-1415
Summary vi.recover in OpenBSD before 3.1 allows local users to remove arbitrary zero-byte files such as device nodes.
References
Vulnerable Configurations
  • cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*
    cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*
  • cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*
    cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 11-07-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
refmap via4
cert-vn VU#191675
confirm ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.9/common/016_recover.patch
xf bsd-virecover-delete-files(10149)
Last major update 11-07-2017 - 01:29
Published 13-11-2001 - 05:00
Last modified 11-07-2017 - 01:29
Back to Top