← CVECheck
HomeVulnerabilities

CVE-2001-1091 — HIGH severity vulnerability (The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x throu)

The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable.

CVE IDCVE-2001-1091
SeverityHIGH
CVSS score7.2
CVSS vectorAV:L/AC:L/Au:N/C:C/I:C/A:C
CWENVD-CWE-Other
StatusModified
Published2001-08-23
Last modified2026-04-16
DescriptionThe (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →