CVE-2006-4172

Sažetak

Integer overflow vulnerability in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2006-4178.

Reference

http://archives.neohapsis.com/archives/bugtraq/2006-09/0376.html
http://secunia.com/advisories/22064
http://securitytracker.com/id?1016926
http://securitytracker.com/id?1016928
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=414
http://www.securityfocus.com/archive/1/446945/100/0/threaded
http://www.securityfocus.com/bid/20158
https://exchange.xforce.ibmcloud.com/vulnerabilities/29132

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

17-10-2018 - 21:33

Objavljeno

26-09-2006 - 02:07