CVE-2001-1185 - OpenCVE

Some AIO operations in FreeBSD 4.4 may be delayed until after a call to execve, which could allow a local user to overwrite memory of the new process and gain privileges.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity High

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:H/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Freebsd	Freebsd

Configuration 1 [-]

cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*

References

Link	Resource
http://www.iss.net/security_center/static/7693.php	Vendor Advisory
http://www.osvdb.org/2001
http://www.securityfocus.com/archive/1/244583	Vendor Advisory
http://www.securityfocus.com/bid/3661	Exploit Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2002-06-25T04:00:00

Updated: 2002-03-22T10:00:00

Reserved: 2002-03-15T00:00:00

Link: CVE-2001-1185

JSON object: View

NVD Information

Status : Analyzed

Published: 2001-12-10T05:00:00.000

Modified: 2008-09-05T20:25:54.093

Link: CVE-2001-1185

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2001-12-10T00:00:00", "descriptions": [{"lang": "en", "value": "Some AIO operations in FreeBSD 4.4 may be delayed until after a call to execve, which could allow a local user to overwrite memory of the new process and gain privileges."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2002-03-22T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "bsd-aio-overwrite-memory(7693)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/7693.php"}, {"name": "20011210 AIO vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/244583"}, {"name": "3661", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/3661"}, {"name": "2001", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/2001"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-1185", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Some AIO operations in FreeBSD 4.4 may be delayed until after a call to execve, which could allow a local user to overwrite memory of the new process and gain privileges."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "bsd-aio-overwrite-memory(7693)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/7693.php"}, {"name": "20011210 AIO vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/244583"}, {"name": "3661", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3661"}, {"name": "2001", "refsource": "OSVDB", "url": "http://www.osvdb.org/2001"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-1185", "datePublished": "2002-06-25T04:00:00", "dateReserved": "2002-03-15T00:00:00", "dateUpdated": "2002-03-22T10:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}