Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1047

Overview

Vulnerability Score 1.2 1.2
CVE Id CVE-2001-1047
Last Modified 21 Aug 2009 12:07:41
Published 02 Jun 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2001-1047

Summary

Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2) calling dup2 on a file descriptor in one process, then setting the descriptor to NULL via a close in another process that is created via rfork.

Vulnerable Systems

Operating System

  • Openbsd 2.6

  • Openbsd 2.7

  • Openbsd 2.8

  • Openbsd 2.9


References

XF - openbsd-pipe-race-dos(6661)

XF - openbsd-dup2-race-dos(6660)

BID - 2818

BID - 2817

BUGTRAQ - 20010602 Locally exploitable races in OpenBSD VFS


Last Updated: 27 May 2016 10:36:30