CVE-2001-1180

Name of the Vulnerable Software and Affected Versions FreeBSD version 4.3

Description The issue arises from improper clearing of shared signal handlers when executing a process. This allows local users to gain privileges by calling rfork() with a shared signal handler, having the child process execute a setuid program, and sending a signal to the child.

Recommendations For FreeBSD version 4.3, consider updating to a newer version that properly clears shared signal handlers to prevent privilege escalation. As a temporary workaround, restrict the use of setuid programs and shared signal handlers to minimize the risk of exploitation.