CVE-2006-1588

Sažetak

The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory.

Reference

ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-005.txt.asc
http://secunia.com/advisories/19464
http://securitytracker.com/id?1015846
http://www.osvdb.org/24262
http://www.securityfocus.com/bid/17312
https://exchange.xforce.ibmcloud.com/vulnerabilities/25582

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

20-07-2017 - 01:30

Objavljeno

03-04-2006 - 10:04