CVE-ID

CVE-2001-0093

• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Description
Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain root privileges by modifying critical environmental variables that affect the behavior of telnetd.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Date Entry Created
20010201 Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Proposed (20010202)
Votes (Legacy)
ACCEPT(3) Baker, Cole, Ziese
MODIFY(2) Frech, Prosser
NOOP(1) Wall
REVIEWING(1) Christey
Comments (Legacy)
 Frech> XF:kerberos4-arbitrary-proxy(9733)
   Description states FreeBSD, but advisory is for NetBSD.
 Prosser> http://www.linuxsecurity.com/advisories/netbsd_advisory-1007.html
 CHANGE> [Prosser changed vote from ACCEPT to MODIFY]
 Prosser> The operating system in this CAN should also be NetBSD vice FreeBSD, same as in 0094.  FreeBSD 3.5 STABLE and 4.2 STABLE are vulnerable as well.  See ref
   FreeBSD-SA-01:25
   http://www.linuxsecurity.com/advisories/freebsd_advisory-1153.html
   or http://www.freebsd.org/security/security.html#adv
 Christey> This description does not explicitly mention that the problem is
   in a kerberized telnet.  Need to verify that there aren't
   already other CVE's that describe this.

Proposed (Legacy)
20010202
This is an entry on the CVE list, which standardizes names for security problems.