PT-2002-1622 · Freebsd · Freebsd

Published: 2002-06-11 · Updated: 2018-10-30 · CVE-2002-0572

CVSS v2.0: 7.2 (High)

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: FreeBSD versions 4.5 and earlier

Description: The issue allows local users to access restricted files by manipulating file descriptors. A local user closes file descriptor 0 (standard input), 1 (standard output), or 2 (standard error) before running a setuid process, which can then reuse that descriptor number when it opens a file. The process intends to perform input/output operations on normal files, but because of the file descriptor manipulation it may end up accessing restricted files instead.

Recommendations: For FreeBSD versions 4.5 and earlier, consider updating to a newer version to mitigate the risk, as the exact fix or patch details are not specified. As a temporary workaround, consider restricting the use of setuid processes or implementing additional access controls to minimize the risk of exploitation.
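An application-level hardening check for the descriptor reuse described above, as an added example that is not part of the original advisory and is not the FreeBSD fix: a privileged program fills any closed descriptor 0, 1 or 2 with /dev/null before it opens files of its own. The function name ensure_std_fds is hypothetical.

```c
/* Added example (not from the advisory): make sure descriptors 0, 1 and 2
 * are open before a privileged program opens any file of its own. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Returns the number of descriptors that had to be filled with /dev/null,
 * or -1 if the standard descriptors could not be made safe. */
int ensure_std_fds(void)
{
    int fixed = 0;

    for (int fd = 0; fd <= 2; fd++) {
        /* F_GETFD fails with EBADF only when fd is not open. */
        if (fcntl(fd, F_GETFD) != -1 || errno != EBADF)
            continue;

        /* open() returns the lowest free descriptor; every lower one was
         * verified above, so the result must be exactly fd. */
        int nfd = open("/dev/null", O_RDWR);
        if (nfd == -1)
            return -1;
        if (nfd != fd) {
            close(nfd);
            return -1;
        }
        fixed++;
    }
    return fixed;
}

int main(void)
{
    int fixed = ensure_std_fds();
    if (fixed == -1)
        return 1;   /* refuse to run with unsafe descriptors */

    /* Any file opened from here on gets a descriptor of 3 or higher, so
     * writes aimed at stdout/stderr cannot land in it. */
    int fd = open("/dev/null", O_WRONLY);
    printf("filled %d descriptor(s); first private fd = %d\n", fixed, fd);
    if (fd != -1)
        close(fd);
    return 0;
}
```

The check has to run at the very start of the program, before any library call that might open a file or socket.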


Related Identifiers

CVE-2002-0572

Affected Products

Freebsd