Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2001-1029

libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or welcome files.

  • Published: Sep 20, 2001
  • Updated: Apr 13, 2023
  • CVE: CVE-2001-1029
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 2.1
  • AV:L/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Software From Fixed in
openbsd / openssh 4.5 4.5.x
freebsd / freebsd - 4.4.x