VYPR
Unrated severityNVD Advisory· Published Aug 12, 2002· Updated Jun 16, 2026

CVE-2002-0754

CVE-2002-0754

Description

Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them.

Affected products

14
  • cpe:2.3:a:freebsd:heimdal:0.4e:*:*:*:*:*:*:*
  • cpe:2.3:a:kth:heimdal:0.4e:*:*:*:*:*:*:*
  • FreeBSD/FreeBSD12 versions
    cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*+ 11 more
    • cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*
    • cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*
    • cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*
    • cpe:2.3:o:freebsd:freebsd:4.1.1:release:*:*:*:*:*:*
    • cpe:2.3:o:freebsd:freebsd:4.1.1:stable:*:*:*:*:*:*
    • cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*
    • cpe:2.3:o:freebsd:freebsd:4.2:stable:*:*:*:*:*:*
    • cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*
    • cpe:2.3:o:freebsd:freebsd:4.3:release:*:*:*:*:*:*
    • cpe:2.3:o:freebsd:freebsd:4.3:stable:*:*:*:*:*:*
    • cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*
    • (no CPE)range: <=4.4

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.