Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them.
Max CVSS
7.2
EPSS Score
0.05%
Published
2002-08-12
Updated
2008-09-05
1 vulnerabilities found