CVE-2004-1066

Sažetak

The cmdline pseudofiles in (1) procfs on FreeBSD 4.8 through 5.3, and (2) linprocfs on FreeBSD 5.x through 5.3, do not properly validate a process argument vector, which allows local users to cause a denial of service (panic) or read portions of kernel memory. NOTE: this candidate might be SPLIT into 2 separate items in the future.

Reference

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:17.procfs.asc
https://exchange.xforce.ibmcloud.com/vulnerabilities/18321

CVSS

Base:	3.6
Impact:	4.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:N/A:P

Zadnje važnije ažuriranje

11-07-2017 - 01:30

Objavljeno

10-01-2005 - 05:00