CVE-2002-0754

EPSS 0.15% · P35 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2002-0754

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Kerberos 5 su权限提升漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

k5su是一个兼容Kerberos 5的su程序。与su一样，它允许已认证用户`切换用户'以获得其他权限。getlogin和setlogin系统调用是用来管理与登录会话有关的用户名的。某些版本的k5su存在设计问题，在某些情况下，本地攻击者可能利用这个漏洞提升自己在系统中的权限。 FreeBSD 4.5-RELEASE之前版本自带的k5su命令和heimdal-0.4e_2之前版本的heimdal 移植自带的su命令使用getlogin系统调用来判断当前已登录的用户是否有`root'权限。有些情况下，由

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2002-0754

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2002-0754

请登录查看更多情报信息。

http://www.securityfocus.com/bid/3919vdb-entryx_refsource_BID
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:07.k5su.ascvendor-advisoryx_refsource_FREEBSD
http://www.iss.net/security_center/static/7956.phpvdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2002-0754

Same Patch Batch · n/a · 2003-04-02 · 350 CVEs total

CVE-2002-0718		Microsoft Content Management Server 2001文件上传漏洞(MS02-041)
CVE-2002-0738		MHonArc HTML脚本过滤可绕过漏洞
CVE-2002-0737		Sambar WEB服务程序服务端文件解析可绕过漏洞
CVE-2002-0736		Microsoft BackOffice授权问题漏洞
CVE-2002-0734		B2 B2config.php远程命令执行漏洞
CVE-2002-0733		ACME Labs thttpd跨站脚本执行漏洞
CVE-2002-0727		Microsoft OWC可导致Active脚本执行漏洞
CVE-2002-0726		Microsoft TSAC ActiveX远程缓冲区溢出漏洞(MS02-046)
CVE-2002-0722		Microsoft Internet Explorer 安全漏洞
CVE-2002-0720		Microsoft Windows 2000网络连接管理器权限提升漏洞(MS02-042)
CVE-2002-0719		Microsoft Content Management Server 2001 SQL注入漏洞(MS02-041)
CVE-2002-0703		Gisle Aas Digest-MD5 UTF-8摘要计算存在漏洞
CVE-2002-0695		Microsoft Data Access Components T-SQL OpenRowSet远程缓冲区溢出漏洞(MS02-040)
CVE-2002-0697		Microsoft Metadirectory服务远程LDAP客户端管理员访问漏洞(MS02-036)
CVE-2002-0698		Microsoft Exchange Server 缓冲区错误漏洞
CVE-2002-0700		Microsoft Content Management Server 2001用户认证缓冲区溢出漏洞(MS02-041)
CVE-2002-0701		多个供应商进BSD KTrace SUID/SGID进程追踪漏洞
CVE-2002-0710		Rod Clark sendform.cgi远程可获得任意文件漏洞
CVE-2002-0716		OpenServer定时服务格式字符串漏洞
CVE-2002-0714		Squid FTP代理数据通道漏洞

Showing top 20 of 350 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2002-0754

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2002-0754

I. Basic Information for CVE-2002-0754

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2002-0754

III. Intelligence Information for CVE-2002-0754

Same Patch Batch · n/a · 2003-04-02 · 350 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2002-0754

Leave a comment