PT-2001-2287 · Freebsd+2 · Freebsd+2

Published

2001-08-17

Updated

2008-09-10

CVE-2001-1145

CVSS v2.0

6.2

Medium

Vector

AV:L/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions FreeBSD versions 4.3 and earlier NetBSD versions prior to 1.5.2 OpenBSD versions 2.9 and earlier

Description The issue allows fts routines to be forced into a different directory than intended when the directory above the current directory is moved. This could cause scripts to perform dangerous actions on the wrong directories.

Recommendations For FreeBSD versions 4.3 and earlier, consider updating to a version later than 4.3 to resolve the issue. For NetBSD versions prior to 1.5.2, update to version 1.5.2 or later to fix the problem. For OpenBSD versions 2.9 and earlier, update to a version later than 2.9 to mitigate the risk.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-1145

Affected Products

Freebsd

Netbsd

Openbsd

PT-2001-2287 · Freebsd+2 · Freebsd+2

CVE-2001-1145

Related Identifiers

Affected Products

References · 7