CVE-2001-1029

libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or welcome files.

Published : 2001-09-20 04:00 Updated : 2017-10-10 01:29

2.1
CVSS Score More info
Score 2.1 / 10
2.1
Vendor Product Version URI
Freebsd Freebsd 4.4 cpe:/o:freebsd:freebsd:4.4
Openbsd Openssh 4.5 cpe:/a:openbsd:openssh:4.5
  1. Freebsd (1) Search CVE
    1. Freebsd (1) Search CVE
      1. 4.4
  2. Openbsd (1) Search CVE
    1. Openssh (1) Search CVE
      1. 4.5

CWE

There is no CWE for this CVE.

History of changes

Date Event
2017-10-10 05:36
2001-09-20 04:00

New CVE