CVE-2000-1103

Name of the Vulnerable Software and Affected Versions BSD versions 3.0 through 4.0

Description The issue concerns the rcvtty in BSD, where it fails to properly drop privileges before executing a script. This allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command line.

Recommendations For BSD versions 3.0 through 4.0, consider implementing a workaround to ensure proper privilege dropping before script execution, such as manually adjusting the script execution privileges or using alternative, secure methods for script execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.