Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1185

Overview

Vulnerability Score 6.2 6.2
CVE Id CVE-2001-1185
Last Modified 05 Sep 2008 04:25:54
Published 10 Dec 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2001-1185

Summary

Some AIO operations in FreeBSD 4.4 may be delayed until after a call to execve, which could allow a local user to overwrite memory of the new process and gain privileges.

Vulnerable Systems

Operating System

  • Freebsd 4.4


References

BID - 3661

BUGTRAQ - 20011210 AIO vulnerability

XF - bsd-aio-overwrite-memory(7693)

OSVDB - 2001


Last Updated: 27 May 2016 10:36:34