Description
Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine whether the user running k5su is root. Because getlogin reports the session's login name rather than the process's real or effective UID, a process started by root that has dropped its privileges could regain them.
References (3)
- Patch, Vendor Advisory (vendor-advisory, x_refsource_freebsd): ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:07.k5su.asc
- Patch, Vendor Advisory (vdb-entry, x_refsource_bid): http://www.securityfocus.com/bid/3919
- Patch, Vendor Advisory (vdb-entry, x_refsource_xf): http://www.iss.net/security_center/static/7956.php
Scores
EPSS: 0.0015 (EPSS percentile: 35.3%)
Details
Status: published
Products (8)
- freebsd/freebsd 4.0
- freebsd/freebsd 4.1
- freebsd/freebsd 4.1.1 (3 CPE variants)
- freebsd/freebsd 4.2 (2 CPE variants)
- freebsd/freebsd 4.3 (3 CPE variants)
- freebsd/freebsd 4.4
- freebsd/heimdal 0.4e
- kth/heimdal 0.4e
Published: Aug 12, 2002
Tracked Since: Feb 18, 2026