CVE-2002-0701 - ktrace in BSD-based operating systems allows the owner of a process with special privileges to trace

CVE-2002-0701

Summary

ktrace in BSD-based operating systems allows the owner of a process with special privileges to trace the process after its privileges have been lowered, which may allow the owner to obtain sensitive information that the process obtained while it was running with the extra privileges.

References

http://marc.info/?l=bugtraq&m=102650797504351&w=2
http://www.iss.net/security_center/static/9474.php
http://www.openbsd.org/errata.html#ktrace
http://www.securityfocus.com/bid/5133

Vulnerable Configurations

cpe:2.3:o:freebsd:freebsd:6.2:stable:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:6.2:stable:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*

CVSS

Base:	2.1 (as of 18-10-2016 - 02:21)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:N/A:N

refmap via4

bid	5133
freebsd	FreeBSD-SA-02:30
openbsd	20020627 009: SECURITY FIX: June 27, 2002
xf	openbsd-ktrace-gain-privileges(9474)

Last major update

18-10-2016 - 02:21

Published

23-07-2002 - 04:00

Last modified

18-10-2016 - 02:21