Privilege Escalation via RCMD_CMD Environment Variable in NetBSD 1.4.x through 1.5.1
CVE-2001-1091 · HIGH Severity
AV:L/AC:L/AU:N/C:C/I:C/A:C
The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable.
Learn more about our User Device Pen Test.