CVE-2010-2693

Sažetak

FreeBSD 7.1 through 8.1-PRERELEASE does not copy the read-only flag when creating a duplicate mbuf buffer reference, which allows local users to cause a denial of service (system file corruption) and gain privileges via the sendfile system call.

Reference

http://secunia.com/advisories/40567
http://security.freebsd.org/advisories/FreeBSD-SA-10:07.mbuf.asc
http://www.securityfocus.com/bid/41577
http://www.securitytracker.com/id?1024182
http://www.vupen.com/english/advisories/2010/1787

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

14-07-2010 - 04:00

Objavljeno

13-07-2010 - 20:30