Vulnerabilities

CVE-2001-0268

by Fred · 07/05/2001

The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address.

Date published : 2001-05-07

http://www.securityfocus.com/bid/2739

http://archives.neohapsis.com/archives/bugtraq/2001-02/0353.html

Similar

Tags: Cybersecurity Alert