VULHUB ™

FreeBSD Security Advisory FreeBSD-SA-02:23 - Setuid or setgid applications can be used for privilege elevation due to insecure handling of stdio file descriptors on FreeBSD releases up to and including 4.5-RELEASE. It is known that the 'keyinit' set-user-id program is exploitable using this method. This vulnerability was discovered by Joost Pol.

FreeBSD Security Advisory FreeBSD-SA-02:23 - Setuid or setgid applications can be used for privilege elevation due to insecure handling of stdio file descriptors on FreeBSD releases up to and including 4.5-RELEASE. It is known that the 'keyinit' set-user-id program is exploitable using this method. This vulnerability was discovered by Joost Pol.