What is the severity of CVE-2002-2092?

CVE-2002-2092 is considered a high severity vulnerability as it allows local users to gain elevated privileges.

How do I fix CVE-2002-2092?

To fix CVE-2002-2092, update your OpenBSD, NetBSD, or FreeBSD systems to versions that have patched the vulnerability.

Who is affected by CVE-2002-2092?

CVE-2002-2092 affects local users of OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier.

How does CVE-2002-2092 exploit the system?

CVE-2002-2092 exploits a race condition in the exec function by allowing users to attach a debugger before the kernel sets the process's privileges.

What systems are vulnerable to CVE-2002-2092?

The systems vulnerable to CVE-2002-2092 include specific versions of OpenBSD, FreeBSD, and NetBSD prior to the patched versions.

Vulnerability/
CVE-2002-2092

low

3.7

CWE

NVD-CWE-Other 362

31/12/2002

5/8/2005

8/8/2024

CVE-2002-2092: Race Condition

First published: Tue Dec 31 2002(Updated: )

Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
FreeBSD FreeBSD	=4.3-releng
FreeBSD FreeBSD	=4.1.1-stable
FreeBSD FreeBSD	=3.1
OpenBSD	=2.8
FreeBSD FreeBSD	=4.1.1-release
FreeBSD FreeBSD	=2.2.5
NetBSD NetBSD	=1.3
NetBSD NetBSD	=1.5
FreeBSD FreeBSD	=4.4-stable
FreeBSD FreeBSD	=4.3-stable
FreeBSD FreeBSD	=2.2.2
NetBSD NetBSD	=1.3.1
OpenBSD	=2.9
FreeBSD FreeBSD	=2.2.3
FreeBSD FreeBSD	=4.3-release
OpenBSD	=2.1
NetBSD NetBSD	=1.4.2
FreeBSD FreeBSD	=4.2-stable
FreeBSD FreeBSD	=3.5.1
OpenBSD	=2.2
NetBSD NetBSD	=1.3.3
OpenBSD	=2.0
OpenBSD	=2.7
FreeBSD FreeBSD	=4.1
FreeBSD FreeBSD	=2.2.8
NetBSD NetBSD	=1.5.1
FreeBSD FreeBSD	=4.4-releng
FreeBSD FreeBSD	=4.4
FreeBSD FreeBSD	=2.2
FreeBSD FreeBSD	=3.0
OpenBSD	=2.4
FreeBSD FreeBSD	=3.2
NetBSD NetBSD	=1.5.2
FreeBSD FreeBSD	=4.2
NetBSD NetBSD	=1.4.3
FreeBSD FreeBSD	=2.2.4
FreeBSD FreeBSD	=2.1.0
FreeBSD FreeBSD	=2.2.6
OpenBSD	=3.0
FreeBSD FreeBSD	=3.3
FreeBSD FreeBSD	=4.0
FreeBSD FreeBSD	=4.1.1
FreeBSD FreeBSD	=4.3
FreeBSD FreeBSD	=3.4
FreeBSD FreeBSD	=3.5
NetBSD NetBSD	=1.4
NetBSD NetBSD	=1.3.2
OpenBSD	=2.6
NetBSD NetBSD	=1.4.1
OpenBSD	=2.5
OpenBSD	=2.3
FreeBSD FreeBSD	=2.0

Remedy

http://www.securityfocus.com/bid/3891

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2002-2092?
CVE-2002-2092 is considered a high severity vulnerability as it allows local users to gain elevated privileges.
How do I fix CVE-2002-2092?
To fix CVE-2002-2092, update your OpenBSD, NetBSD, or FreeBSD systems to versions that have patched the vulnerability.
Who is affected by CVE-2002-2092?
CVE-2002-2092 affects local users of OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier.
How does CVE-2002-2092 exploit the system?
CVE-2002-2092 exploits a race condition in the exec function by allowing users to attach a debugger before the kernel sets the process's privileges.
What systems are vulnerable to CVE-2002-2092?
The systems vulnerable to CVE-2002-2092 include specific versions of OpenBSD, FreeBSD, and NetBSD prior to the patched versions.

agent/type
agent/first-publish-date
agent/references
agent/author
agent/remedy
agent/weakness
agent/severity
agent/softwarecombine
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/freebsd
canonical/freebsd freebsd
version/freebsd freebsd/4.3-releng
version/freebsd freebsd/4.1.1-stable
version/freebsd freebsd/3.1
vendor/openbsd
canonical/openbsd
version/openbsd/2.8
version/freebsd freebsd/4.1.1-release
version/freebsd freebsd/2.2.5
vendor/netbsd
canonical/netbsd netbsd
version/netbsd netbsd/1.3
version/netbsd netbsd/1.5
version/freebsd freebsd/4.4-stable
version/freebsd freebsd/4.3-stable
version/freebsd freebsd/2.2.2
version/netbsd netbsd/1.3.1
version/openbsd/2.9
version/freebsd freebsd/2.2.3
version/freebsd freebsd/4.3-release
version/openbsd/2.1
version/netbsd netbsd/1.4.2
version/freebsd freebsd/4.2-stable
version/freebsd freebsd/3.5.1
version/openbsd/2.2
version/netbsd netbsd/1.3.3
version/openbsd/2.0
version/openbsd/2.7
version/freebsd freebsd/4.1
version/freebsd freebsd/2.2.8
version/netbsd netbsd/1.5.1
version/freebsd freebsd/4.4-releng
version/freebsd freebsd/4.4
version/freebsd freebsd/2.2
version/freebsd freebsd/3.0
version/openbsd/2.4
version/freebsd freebsd/3.2
version/netbsd netbsd/1.5.2
version/freebsd freebsd/4.2
version/netbsd netbsd/1.4.3
version/freebsd freebsd/2.2.4
version/freebsd freebsd/2.1.0
version/freebsd freebsd/2.2.6
version/openbsd/3.0
version/freebsd freebsd/3.3
version/freebsd freebsd/4.0
version/freebsd freebsd/4.1.1
version/freebsd freebsd/4.3
version/freebsd freebsd/3.4
version/freebsd freebsd/3.5
version/netbsd netbsd/1.4
version/netbsd netbsd/1.3.2
version/openbsd/2.6
version/netbsd netbsd/1.4.1
version/openbsd/2.5
version/openbsd/2.3
version/freebsd freebsd/2.0