CVE-2001-0196
First published: Thu May 03 2001(Updated: )
inetd ident server in FreeBSD 4.x and earlier does not properly set group permissions, which allows remote attackers to read the first 16 bytes of files that are accessible by the wheel group.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| FreeBSD Kernel | =3.5.1 | |
| FreeBSD Kernel | =4.2 | |
| FreeBSD Kernel | =4.1.1 | |
| FreeBSD Kernel | =3.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2001-0196?
CVE-2001-0196 is classified as a medium severity vulnerability due to its potential to allow unauthorized access to sensitive file information.
How do I fix CVE-2001-0196?
To fix CVE-2001-0196, upgrade to a version of FreeBSD that does not include the vulnerable inetd ident server.
What versions of FreeBSD are affected by CVE-2001-0196?
CVE-2001-0196 affects FreeBSD 3.5, 3.5.1, 4.1.1, and 4.2.
What risk does CVE-2001-0196 pose to my system?
CVE-2001-0196 allows remote attackers to read the first 16 bytes of files accessible by the wheel group, which may expose sensitive data.
Is CVE-2001-0196 exploitable remotely?
Yes, CVE-2001-0196 can be exploited remotely by attackers targeting the inetd ident service.
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/remedy
- agent/weakness
- agent/author
- agent/references
- agent/severity
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/freebsd
- canonical/freebsd kernel
- version/freebsd kernel/3.5.1
- version/freebsd kernel/4.2
- version/freebsd kernel/4.1.1
- version/freebsd kernel/3.5