Vulnerability Database

290,273

Total vulnerabilities in the database

CVE-2002-0820

FreeBSD kernel 4.6 and earlier closes the file descriptors 0, 1, and 2 after they have already been assigned to /dev/null when the descriptors reference procfs or linprocfs, which could allow local users to reuse the file descriptors in a setuid or setgid program to modify critical data and gain privileges.

  • Published: Aug 12, 2002
  • Updated: Apr 13, 2023
  • CVE: CVE-2002-0820
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.2
  • AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
freebsd / freebsd 4.6 4.6.x