 |
|
Затронутые продукты: |  | FREEBSD : FreeBSD 5.0 | |  | OPENBSD : OpenBSD 2.9 | |  | SCO : UnixWare 7.1 | |  | HP : HP-UX 11.11 | |  | OPENBSD : OpenBSD 3.0 | |  | SCO : Open UNIX 8.0 | |  | FREEBSD : FreeBSD 4.5 | |  | OPENBSD : OpenBSD 3.1 | |  | ORACLE : Solaris 9 | |  | IBM : AIX 5.3 | CVE: |  | CVE-2007-0394 (HP HP-UX B11.11 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572.) | |  | CVE-2007-0393 (Sun Solaris 9 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572.) | |  | CVE-2007-0392 (IBM AIX 5.3 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572.) | |  | CVE-2002-0572 (FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files.) |
|
|
|
|
|
|
|