CVE-2001-1145

Severity

62%

Complexity

19%

Confidentiality

165%

fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories.

fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories.

CVSS 2.0 Base Score 6.2. CVSS Attack Vector: local. CVSS Attack Complexity: high. CVSS Vector: (AV:L/AC:H/Au:N/C:C/I:C/A:C).

Overview

First reported 23 years ago

2001-08-17 04:00:00

Last updated 16 years ago

2008-09-10 19:09:00

Affected Software

FreeBSD 4.3

4.3

NetBSD 1.5

1.5

NetBSD 1.5.1

1.5.1

OpenBSD

References

FreeBSD-SA-01:40

NetBSD-SA2001-016

Patch, Vendor Advisory

bsd-fts-race-condition(8715)

20010530 029: SECURITY FIX: May 30, 2001

Patch

5466

3205

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.