| Vulnerability Name: | CVE-2002-0824 (CCN-9738) | ||||||||
| Assigned: | 2002-07-29 | ||||||||
| Published: | 2002-07-29 | ||||||||
| Updated: | 2021-03-11 | ||||||||
| Summary: | BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device. | ||||||||
| CVSS v3 Severity: | 2.9 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 6.9 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C)
| ||||||||
| Vulnerability Type: | CWE-59 | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: CCN Type: FreeBSD Security Advisory FreeBSD-SA-02:32.pppd exploitable race condition in pppd Source: NETBSD Type: Broken Link NetBSD-SA2002-010 Source: CCN Type: Full-Disclosure Mailing List, Mon Sep 16 2002 - 21:12:48 CDT symlink race in pppd Source: MITRE Type: CNA CVE-2002-0824 Source: FREEBSD Type: Issue Tracking, Mailing List, Third Party Advisory FreeBSD-SA-02:32.pppd Source: XF Type: Broken Link pppd-race-condition(9738) Source: OPENBSD Type: Third Party Advisory 20020729 011: SECURITY FIX: July 29, 2002 Source: CCN Type: OSVDB ID: 20753 Multiple BSD pppd Race Condition Arbitrary File Permission Modification Source: CCN Type: OSVDB ID: 9335 Open UNIX/UnixWare ppptalk Local Privilege Escalation Source: CCN Type: OSVDB ID: 9336 Open UNIX/UnixWare ppp Local Privilege Escalation Source: BID Type: Third Party Advisory, VDB Entry 5355 Source: CCN Type: BID-5355 Multiple Vendor BSD pppd Arbitrary File Permission Modification Race Condition Vulnerability Source: XF Type: UNKNOWN pppd-race-condition(9738) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||