CVE-2002-0557
OpenBSD 3.0 - Unauthenticated Privilege Escalation via YP Netgroups Password Database
Title source: llmDescription
Vulnerability in OpenBSD 3.0, when using YP with netgroups in the password database, causes (1) rexec or (2) rsh to run another user's shell, or (3) atrun to change to a different user's directory, possibly due to memory allocation failures or an incorrect call to auth_approval().
References (3)
Core 3
Core References
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/4338
Various Sources vendor-advisory
x_refsource_openbsd
http://www.openbsd.org/errata30.html#approval
Patch, Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/8625.php
Scores
EPSS
0.0053
EPSS Percentile
67.3%
Details
Status
published
Products (1)
openbsd/openbsd
3.0
Published
Jul 03, 2002
Tracked Since
Feb 18, 2026