Vulnerability in Bsdi Bsd_os

CVE-2000-1103

rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command line.

EPSS: 0.009 (56.3th percentile) — read the EPSS interpretation.

Affected products

  • Bsdi Bsd_os — versions 3.0, 3.1, 4.0
  • N/a — versions n/a

References

  • cve@mitre.org (Vendor Advisory, mailing-list, Exploit, x_refsource_BUGTRAQ)
  • cve@mitre.org (Exploit, vdb-entry, x_refsource_BID, Vendor Advisory)